document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-01-25 23:11:02 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7 from LCTT/master

Browse Source 
翻译前的更新。
This commit is contained in:
Chang Liu 2017-03-09 15:57:49 +08:00 committed by GitHub
commit 1316ec1aa5
19 changed files with 1156 additions and 1151 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
translated/tech/20170227 How to Install MariaDB 10 on Debian and Ubuntu.md → published/20170227 How to Install MariaDB 10 on Debian and Ubuntu.md
View File

@ -1,7 +1,7 @@
如何在 Debian 和 Ubuntu 上安装 MariaDB 10
============================================================
MariaDB 是深受欢迎的数据库管理服务器软件 MySQL 的一个免费并且开源的分支。它由 MySQL 的原开发者在 GPLv2通用公共许可证 2 版)下开发,并保持开源。
MariaDB 是深受欢迎的数据库管理服务器软件 MySQL 的一个自由开源的分支。它由 MySQL 的原开发者在 GPLv2通用公共许可证 2 版)下开发,并保持开源。
它被设计来实现 MySQL 的高兼容性。对于初学者,可以阅读 [MariaDB vs MySQL][5] 来了解关于它们的特性的更多信息。更重要的是,它被一些大公司/组织使用,比如 Wikipedia、WordPress.com 和 Google plus ,除此之外还有更多的。
@ -9,9 +9,9 @@ MariaDB 是深受欢迎的数据库管理服务器软件 MySQL 的一个免费
### 在 Debian 和 Ubuntu 上安装 MariaDB
1. 在安装之前 MariaDB 之前,你需要通过下面的命令导入仓库密匙并获取 MariaDB 仓库
1在安装之前 MariaDB 之前,你需要通过下面的命令导入仓库密匙并获取 MariaDB 仓库
#### 在 Debian 10(Sid) 上
**在 Debian 10 (Sid) 上**
```
$ sudo apt-get install software-properties-common
@ -19,7 +19,7 @@ $ sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xF1656F24C74CD1
$ sudo add-apt-repository 'deb [arch=amd64,i386] http://www.ftp.saix.net/DB/mariadb/repo/10.1/debian sid main'
```
#### 在 Debian 9(Stretch) 上
**在 Debian 9 (Stretch) 上**
```
$ sudo apt-get install software-properties-common
@ -27,7 +27,7 @@ $ sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xF1656F24C74CD1
$ sudo add-apt-repository 'deb [arch=amd64] http://www.ftp.saix.net/DB/mariadb/repo/10.1/debian stretch main'
```
#### 在 Debian 8(Jessie) 上
**在 Debian 8 (Jessie) 上**
```
$ sudo apt-get install software-properties-common
@ -35,7 +35,7 @@ $ sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943
$ sudo add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://www.ftp.saix.net/DB/mariadb/repo/10.1/debian jessie main'
```
#### 在 Debian 7(Wheezy) 上
**在 Debian 7 (Wheezy) 上**
```
$ sudo apt-get install python-software-properties
@ -43,7 +43,7 @@ $ sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943
$ sudo add-apt-repository 'deb [arch=amd64,i386] http://www.ftp.saix.net/DB/mariadb/repo/10.1/debian wheezy main'
```
#### 在 Ubuntu 16.10(Yakkety Yak) 上
**在 Ubuntu 16.10 (Yakkety Yak) 上**
```
$ sudo apt-get install software-properties-common
@ -51,7 +51,7 @@ $ sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656
$ sudo add-apt-repository 'deb [arch=amd64,i386] http://www.ftp.saix.net/DB/mariadb/repo/10.1/ubuntu yakkety main'
```
#### 在 Ubuntu 16.04 (Xenial Xerus) 上
**在 Ubuntu 16.04 (Xenial Xerus) 上**
```
$ sudo apt-get install software-properties-common
@ -59,7 +59,7 @@ $ sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656
$ sudo add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://www.ftp.saix.net/DB/mariadb/repo/10.1/ubuntu xenial main'
```
#### 在 Ubuntu 14.04 (Trusty) 上
**在 Ubuntu 14.04 (Trusty) 上**
```
$ sudo apt-get install software-properties-common
@ -67,7 +67,7 @@ $ sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xcbcb0
$ sudo add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://www.ftp.saix.net/DB/mariadb/repo/10.1/ubuntu trusty main'
```
2. 然后,更新系统安装包列表,并像下面这样安装 MariaDB 服务器:
2 然后,更新系统安装包列表,并像下面这样安装 MariaDB 服务器:
```
$ sudo apt-get update
@ -80,18 +80,18 @@ $ sudo apt-get install mariadb-server
![Set New Root Password for MariaDB](http://www.tecmint.com/wp-content/uploads/2017/02/Set-New-Root-Password-for-MariaDB.png)
][6]
为 MariaDB 设置新的 Root 密码
*为 MariaDB 设置新的 Root 密码*
重新输入密码并按下 [ENTER] 键来继续安装。
再次输入密码并按下回车键来继续安装。
[
![Repeat MariaDB Password](http://www.tecmint.com/wp-content/uploads/2017/02/Repeat-MariaDB-Password.png)
][7]
再次输入 MariaDB 密码
*再次输入 MariaDB 密码*
当 MariaDB 安装包安装完成以后,启动数据库服务器 daemon,同时启用它,使得在下次开机时它能够像下面这样自动启动:
当 MariaDB 安装包安装完成以后,启动数据库服务器守护进程,同时启用它,使得在下次开机时它能够像下面这样自动启动:
```
------------- On SystemD Systems -------------
@ -109,15 +109,15 @@ $ sudo service mysql status
![Start MariaDB Service](http://www.tecmint.com/wp-content/uploads/2017/02/Start-MariaDB-Service.png)
][8]
开启 MariaDB 服务
*开启 MariaDB 服务*
4. 然后,运行 `mysql_secure_installation` 脚本来保护数据库,在这儿你可以:
4 然后,运行 `mysql_secure_installation` 脚本来保护数据库,在这儿你可以:
1. 设置 root 密码(如果在上面的配置环节你没有进行设置的话)。
2. 禁止远程 root 登录
3. 移除测试数据库
4. 移除匿名用户
5. 重装特权
5. 重载权限配置
```
$ sudo mysql_secure_installation
@ -126,9 +126,9 @@ $ sudo mysql_secure_installation
![Secure MariaDB Installation](http://www.tecmint.com/wp-content/uploads/2017/02/sudo-mysql-secure-installation.png)
][9]
保护 MariaDB 安装
*保护 MariaDB 安装*
5. 一旦数据库服务器受保护以后,可以使用下面的 shell 命令查看已安装版本和登录 MariaDB
5 一旦数据库服务器受保护以后,可以使用下面的 shell 命令查看已安装版本和登录 MariaDB
```
$ mysql -V
@ -138,7 +138,7 @@ $ mysql -u root -p
![Check MariaDB Version](http://www.tecmint.com/wp-content/uploads/2017/02/Check-MariaDB-Version.png)
][10]
查看 MariaDB 版本
*查看 MariaDB 版本*
开始学习 MySQL/MariaDB 请阅读:
@ -153,20 +153,17 @@ $ mysql -u root -p
--------------------------------------------------------------------------------
作者简介:
Aaron Kili 是 Linux 和 F.O.S.S 爱好者,将来的 Linux 系统管理员和网络开发人员,目前是 TecMint 的内容创作者,他喜欢用电脑工作,并坚信分享知识。
--------------------------------------------------------------------------------
via: http://www.tecmint.com/install-mariadb-in-ubuntu-and-debian/
作者:[Aaron Kili][a]
译者:[ucasFL](https://github.com/ucasFL)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

396
published/LXD/Part 12 - LXD 2.0 Debugging and contributing to LXD .md Normal file
View File

@ -0,0 +1,396 @@
LXD 2.0 系列(十二):调试,及给 LXD 做贡献
================
![LXD logo](https://linuxcontainers.org/static/img/containers.png)
### 介绍
终于要结束了!这个大约一年前开始的[这系列文章][3]的最后一篇博文。
如果你从一开始就关注了这个系列,你应该已经使用了 LXD 相当长的时间了,并且非常熟悉它的日常操作和功能。
但如果出现问题怎么办?你可以做什么来自己跟踪问题?如果你不能,你应该记录什么信息,以便上游可以跟踪问题?
如果你想自己解决问题或通过实现你需要的功能来帮助改善LXD怎么办如何构建测试和贡献 LXD 代码库?
### 调试 LXD 并填写 bug 报告
#### LXD 日志文件
`/var/log/lxd/lxd.log`
这是 LXD 日志的主文件。为了避免它快速充满你的磁盘,默认只会记录 `INFO`、`WARNING` 或者 `ERROR` 级别的日志。你可以在 LXD 守护进程中使用 `debug` 改变其行为。
`/var/log/lxd/CONTAINER/lxc.conf`
每当你启动容器时,此文件将更新为传递给 LXC 的配置。
这里会展示容器将如何配置,包括其所有的设备、绑定挂载等等。
`/var/log/lxd/CONTAINER/forkexec.log`
这个文件包含 LXC 命令执行失败时产生的错误。这个情况是非常罕见的,因为 LXD 通常会在发生之前处理大多数错误。
`/var/log/lxd/CONTAINER/forkstart.log`
这个文件包含 LXC 在启动容器时的错误信息。含 LXC 命令执行失败时产生的错误。
#### CRIU 日志 (对于实时迁移)
如果使用 CRIU 进行容器实时迁移或实时快照,则每次生成 CRIU 转储或恢复转储时都会记录额外的日志文件。
这些日志也可以在 `/var/log/lxd/CONTAINER/` 中找到,并且有时间戳,以便你可以找到与你最近的操作所匹配的那些日志。它们包含 CRIU 转储和恢复的所有内容的详细记录,并且比典型的迁移/快照错误消息更容器理解。
#### LXD 调试消息
如上所述,你可以使用 `-debug` 选项将守护进程切换为执行调试日志记录。另一种方法是连接到守护进程的事件接口,它将显示所有日志条目,而不管配置的日志级别(即使是远程工作)。
举例说,对于 `lxc init ubuntu:16.04 xen` 来说,
`lxd.log` 会是这样:
```
INFO[02-24|18:14:09] Starting container action=start created=2017-02-24T23:11:45+0000 ephemeral=false name=xen stateful=false used=1970-01-01T00:00:00+0000
INFO[02-24|18:14:10] Started container action=start created=2017-02-24T23:11:45+0000 ephemeral=false name=xen stateful=false used=1970-01-01T00:00:00+0000
```
`lxc monitor type=logging` 会是:
```
metadata:
context: {}
level: dbug
message: 'New events listener: 9b725741-ffe7-4bfc-8d3e-fe620fc6e00a'
timestamp: 2017-02-24T18:14:01.025989062-05:00
type: logging
metadata:
context:
ip: '@'
method: GET
url: /1.0
level: dbug
message: handling
timestamp: 2017-02-24T18:14:09.341283344-05:00
type: logging
metadata:
context:
driver: storage/zfs
level: dbug
message: StorageCoreInit
timestamp: 2017-02-24T18:14:09.341536477-05:00
type: logging
metadata:
context:
ip: '@'
method: GET
url: /1.0/containers/xen
level: dbug
message: handling
timestamp: 2017-02-24T18:14:09.347709394-05:00
type: logging
metadata:
context:
ip: '@'
method: PUT
url: /1.0/containers/xen/state
level: dbug
message: handling
timestamp: 2017-02-24T18:14:09.357046302-05:00
type: logging
metadata:
context: {}
level: dbug
message: 'New task operation: 2e2cf904-c4c4-4693-881f-57897d602ad3'
timestamp: 2017-02-24T18:14:09.358387853-05:00
type: logging
metadata:
context: {}
level: dbug
message: 'Started task operation: 2e2cf904-c4c4-4693-881f-57897d602ad3'
timestamp: 2017-02-24T18:14:09.358578599-05:00
type: logging
metadata:
context:
ip: '@'
method: GET
url: /1.0/operations/2e2cf904-c4c4-4693-881f-57897d602ad3/wait
level: dbug
message: handling
timestamp: 2017-02-24T18:14:09.366213106-05:00
type: logging
metadata:
context:
driver: storage/zfs
level: dbug
message: StoragePoolInit
timestamp: 2017-02-24T18:14:09.369636451-05:00
type: logging
metadata:
context:
driver: storage/zfs
level: dbug
message: StoragePoolCheck
timestamp: 2017-02-24T18:14:09.369771164-05:00
type: logging
metadata:
context:
container: xen
driver: storage/zfs
level: dbug
message: ContainerMount
timestamp: 2017-02-24T18:14:09.424696767-05:00
type: logging
metadata:
context:
driver: storage/zfs
name: xen
level: dbug
message: ContainerUmount
timestamp: 2017-02-24T18:14:09.432723719-05:00
type: logging
metadata:
context:
container: xen
driver: storage/zfs
level: dbug
message: ContainerMount
timestamp: 2017-02-24T18:14:09.721067917-05:00
type: logging
metadata:
context:
action: start
created: 2017-02-24 23:11:45 +0000 UTC
ephemeral: "false"
name: xen
stateful: "false"
used: 1970-01-01 00:00:00 +0000 UTC
level: info
message: Starting container
timestamp: 2017-02-24T18:14:09.749808518-05:00
type: logging
metadata:
context:
ip: '@'
method: GET
url: /1.0
level: dbug
message: handling
timestamp: 2017-02-24T18:14:09.792551375-05:00
type: logging
metadata:
context:
driver: storage/zfs
level: dbug
message: StorageCoreInit
timestamp: 2017-02-24T18:14:09.792961032-05:00
type: logging
metadata:
context:
ip: '@'
method: GET
url: /internal/containers/23/onstart
level: dbug
message: handling
timestamp: 2017-02-24T18:14:09.800803501-05:00
type: logging
metadata:
context:
driver: storage/zfs
level: dbug
message: StoragePoolInit
timestamp: 2017-02-24T18:14:09.803190248-05:00
type: logging
metadata:
context:
driver: storage/zfs
level: dbug
message: StoragePoolCheck
timestamp: 2017-02-24T18:14:09.803251188-05:00
type: logging
metadata:
context:
container: xen
driver: storage/zfs
level: dbug
message: ContainerMount
timestamp: 2017-02-24T18:14:09.803306055-05:00
type: logging
metadata:
context: {}
level: dbug
message: 'Scheduler: container xen started: re-balancing'
timestamp: 2017-02-24T18:14:09.965080432-05:00
type: logging
metadata:
context:
action: start
created: 2017-02-24 23:11:45 +0000 UTC
ephemeral: "false"
name: xen
stateful: "false"
used: 1970-01-01 00:00:00 +0000 UTC
level: info
message: Started container
timestamp: 2017-02-24T18:14:10.162965059-05:00
type: logging
metadata:
context: {}
level: dbug
message: 'Success for task operation: 2e2cf904-c4c4-4693-881f-57897d602ad3'
timestamp: 2017-02-24T18:14:10.163072893-05:00
type: logging
```
`lxc monitor` 的格式有点不同于每个条目都缩合成一行的日志文件,但更重要的是,你可以看到所有 `leveldbug` 条目。
### 如何报告 bug
#### LXD 的 bug
最好报告 bug 的地方是 [https://github.com/lxc/lxd/issues][4]。确保完整填写了 bug 报告模板中的内容,这些信息可以节省我们我们时间来复现环境。
#### Ubuntu 的 bug
如果你发现 Ubuntu 包本身有问题,无法安装、升级或删除。或者遇到 LXD init 脚本的问题。报告此类错误的最好是在 Launchpad 上。
在 Ubuntu 系统上,你可以使用:`ubuntu-bug lxd` ,它将自动包括一些日志文件和包信息供我们查看。
#### CRIU 的 bug
与 CRIU 相关的 Bug你可以通过 CRIU 的错误输出发现,你应该在 Launchpad 上报告这些:`ubuntu-bug criu`
请注意,通过 LXD 使用 CRIU 属于测试版功能,除非你愿意通过 Canonical 的支持合同付费支持,要么可能需要一段时间才能查看你的错误报告。
### 贡献给 LXD
LXD 用 [Go][5] 写成并[托管在 Github][6]。我们欢迎任外部的贡献。为 LXD 贡献不需要 CLA 或类似的法律协议签署,只是通常的开发者所有权证书(`Signed-off-by:` 行)。
在我们的问题追踪器工具中,我们列有许多潜在的功能需求,新的贡献者可以以此作为良好的起点。通常最好在开始处理代码先发出 issue这样每个人都知道你正在做这项工作以便我们可以提供一些早期反馈。
#### 从源码源码构建 LXD
这里有上游的维护说明:[https://github.com/lxc/lxd#building-from-source][7]
你需要在 Github 上 fork 上游仓库,然后将你的更改推送到你的分支。我们建议每天 rebase 上游的 LXD因为我们倾向于定期合并更改。
#### 运行测试套件
LXD 维护了两套测试集,单元测试和集成测试。你可以用下面的命令测试所有:
```
sudo -E make check
```
要只运行单元测试,使用:
```
sudo -E go test ./...
```
要运行集成测试,使用:
```
cd test
sudo -E ./main.sh
```
后者支持相当多的环境变量来测试各种存储后端、禁用网络测试、使用 ramdisk 或只是调整日志输出。其中一些是:
* `LXD_BACKEND``btrfs`、`dir`、`lvm` 或 `zfs`” 之一(默认为 `dir`
  运行 LXD 存储驱动程序相关的所有测试。
* `LXD_CONCURRENT``true` 或 `false`(默认为 `false`
  这启用一些额外的并发测试。
* `LXD_DEBUG``true` 或 `false`(默认为 `false`
  记录所有 shell 命令,并在调试模式下运行所有​​ LXD 命令。
* `LXD_INSPECT``true` 或 `false`(默认为 `false`
  测试程序会在故障时挂起,以便你可以检查环境。
* `LXD_LOGS`:将所有 `LXD` 日志文件转储到的目录(默认为 “”)
  所有生成的 LXD 守护进程的 `logs` 目录将被复制到此路径。
* `LXD_OFFLINE``true` 或 `false`(默认为 `false`
  禁用任何依赖于外部网络连接的测试。
* `LXD_TEST_IMAGE` unified 格式的 LXD 镜像的路径(默认为 “”)
  可以使用自定义测试镜像,而不是默认的最小 busybox 镜像。
* `LXD_TMPFS``true` 或 `false`(默认为 `false`
  在 `tmpfs` 安装中运行整个测试套件,这会使用相当多的内存,但会使测试速度明显更快。
* `LXD_VERBOSE``true` 或 `false`(默认为 `false`
  不太极端的 `LXD_DEBUG` 版本。shell 命令仍然会记录,但 `-debug` 不会传递给 LXC 命令LXD 守护进程只能使用 `-verbose` 运行。
测试程序将在实际运行之前提醒你任何缺失的依赖项。在相当快的机器上运行该测试可在 10 分钟内完成。
#### 发送你的分支
发送拉取请求PR之前你需要确认
* 你已经 rebase 了上游分支
* 你的所有提交信息都包括 `Signed-off-by: First Last <email>` 这行
* 已删除任何你的临时调试代码
* 你已经将相关的提交 squash 在一起,以保持你的分支容易审查
* 单元和集成测试全部通过
一切完成后,在 Github 上发起一个拉取请求。我们的 [Jenkins][8] 将验证提交是否全部有 `signed-off`,在 MacOS 和 Windows 上的测试将自动执行,如果看起来不错,我们将触发一个完整的 Jenkins 测试它将在所有存储后端、32 位和 64 位以及我们关心的所有 Go 版本上测试你的分支。
假设我们有人触发了 Jenkins这通常需要不到一个小时的时间。
一旦所有测试完成,我们对代码本身感到满意,你的分支将会被合并,你的代码会出现在下一个 LXD 发布中。如果更改适用于 LXD stable-2.0 分支,我们将为你向后移植。
### 总结
我希望这个系列的博客文章有助于你了解什么是 LXD以及它可以做什么
本系列的范围仅限于 LXD2.0.x但我们也为那些想要最新功能的用户提供每月功能版本。你可以找到一些其他涵盖了原来的 [LXD 2.0系列文章][9]中列出的功能的博客文章。
### 额外的信息
LXD 的主站在: [https://linuxcontainers.org/lxd][10]
LXD 的 GitHub 开发仓库: [https://github.com/lxc/lxd][11]
LXD 的邮件列表: [https://lists.linuxcontainers.org][12]
LXD 的 IRC 频道:#lxcontainers on irc.freenode.net
在线尝试 LXD [https://linuxcontainers.org/lxd/try-it][13]
--------------------------------------------------------------------------------
via: https://stgraber.org/2017/02/27/lxd-2-0-debugging-and-contributing-to-lxd-1212/
作者:[Stéphane Graber][a]
译者:[geekpi](https://github.com/geekpi)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://stgraber.org/author/stgraber/
[1]:https://stgraber.org/author/stgraber/
[2]:https://www.stgraber.org/2016/03/11/lxd-2-0-blog-post-series-012/
[3]:https://stgraber.org/2016/03/11/lxd-2-0-blog-post-series-012/
[4]:https://github.com/lxc/lxd/issues
[5]:https://golang.org/
[6]:https://github.com/lxc/lxd
[7]:https://github.com/lxc/lxd#building-from-source
[8]:https://jenkins.linuxcontainers.org/
[9]:https://stgraber.org/2016/03/11/lxd-2-0-blog-post-series-012/
[10]:https://linuxcontainers.org/lxd
[11]:https://github.com/lxc/lxd
[12]:https://lists.linuxcontainers.org/
[13]:https://linuxcontainers.org/lxd/try-it
[14]:https://stgraber.org/2017/02/27/lxd-2-0-debugging-and-contributing-to-lxd-1212/

4
sources/tech/20161128 15 JavaScript frameworks and libraries.md
View File

@ -1,4 +1,4 @@
(翻译中 by runningwater)
(翻译中 by chenxinlong)
15 JavaScript frameworks and libraries
============================================================
![15 JavaScript frameworks and libraries](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/code_javascript.jpg?itok=a4uULCF0 "15 JavaScript frameworks and libraries")
@ -112,7 +112,7 @@ If you have something to add, please comment below and let us know. We are eager
via: https://opensource.com/article/16/11/15-javascript-frameworks-libraries
作者:[Dr. Michael J. Garbade ][a]
译者:[runningwater](https://github.com/runningwater)
译者:[chenxinlong](https://github.com/chenxinlong)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

2
sources/tech/20170210 5 Linux Music Players You Should Consider Switching To.md
View File

@ -1,3 +1,5 @@
cycoe Translating
5 Linux Music Players You Should Consider Switching To
============================================================

267
sources/tech/20170222 Create a Shared Directory on Samba AD DC and Map to WindowsLinux Clients – Part 7.md
View File

@ -1,267 +0,0 @@
#rusking translating
Create a Shared Directory on Samba AD DC and Map to Windows/Linux Clients Part 7
============================================================
This tutorial will guide you on how to create a shared directory on Samba AD DC system, map this Shared Volume to Windows clients integrated into the domain via GPO and manage share permissions from Windows domain controller perspective.
It will also cover how to access and mount the file share from a Linux machine enrolled into domain using a Samba4 domain account.
#### Requirements:
1. [Create an Active Directory Infrastructure with Samba4 on Ubuntu][1]
### Step 1: Create Samba File Share
1. The process of creating a share on Samba AD DC is a very simple task. First create a directory you want to share via SMB protocol and add the below permissions on the filesystem in order to allow a Windows AD DC admin acount to modify the share permissions accordingly to what permissions Windows clients should see.
Assuming that the new file share on the AD DC would be the `/nas` directory, run the below commands to assign the correct permissions.
```
# mkdir /nas
# chmod -R 775 /nas
# chown -R root:"domain users" /nas
# ls -alh | grep nas
```
[
![Create Samba Shared Directory](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][2]
Create Samba Shared Directory
2. After youve created the directory that will be exported as a share from Samba4 AD DC, you need to add the following statements to samba configuration file in order to make the share available via SMB protocol.
```
# nano /etc/samba/smb.conf
```
Go to the bottom of the file and add the following lines:
```
[nas]
path = /nas
read only = no
```
[
![Configure Samba Shared Directory](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][3]
Configure Samba Shared Directory
3. The last thing you need to do is to restart Samba AD DC daemon in order to apply the changes by issuing the below command:
```
# systemctl restart samba-ad-dc.service
```
### Step 2: Manage Samba Share Permissions
4. Since were accessing this shared volume from Windows, using domain accounts (users and groups) that are created on Samba AD DC (the share is not meant to be accessed by Linux system users).
The process of managing permissions can be done directly from Windows Explorer, in the same way permissions are managed for any folder in Windows Explorer.
First, log on to Windows machine with a Samba4 AD account with administrative privileges on the domain. In order to access the share from Windows and set the permissions, type the IP address or host name or FQDN of the Samba AD DC machine in Windows Explorer path field, preceded by two back slashes, and the share should be visible.
```
\\adc1
Or
\\192.168.1.254
Or
\\adc1.tecmint.lan
```
[
![Access Samba Share Directory from Windows](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][4]
Access Samba Share Directory from Windows
5. To modify permissions just right click on the share and choose Properties. Navigate to Security tab and proceed with altering domain users and group permissions accordingly. Use Advanced button in order to fine tune permissions.
[
![Configure Samba Share Directory Permissions](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][5]
Configure Samba Share Directory Permissions
Use the below screenshot as an excerpt on how to tune permissions for specific Samba AD DC authenticated accounts.
[
![Manage Samba Share Directory User Permissions](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][6]
Manage Samba Share Directory User Permissions
6. Other method you can use to manage the share permissions is from Computer Management -> Connect to another computer.
Navigate to Shares, right click on the share you want to modify permissions, choose Properties and move to Security tab. From here you can alter permissions in any way you want just as presented in the previous method using file share permissions.
[
![Connect to Samba Share Directory Machine](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][7]
Connect to Samba Share Directory Machine
[
![Manage Samba Share Directory Properties](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][8]
Manage Samba Share Directory Properties
[
![Assign Samba Share Directory Permissions to Users](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][9]
Assign Samba Share Directory Permissions to Users
### Step 3: Map the Samba File Share via GPO
7. To automatically mount the exported samba file share via domain Group Policy, first on a machine with [RSAT tools installed][10], open AD UC utility, right click on your domain name and, then, choose New -> Shared Folder.
[
![Map Samba Share Folder](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][11]
Map Samba Share Folder
8. Add a name for the shared volume and enter the network path where your share is located as illustrated on the below image. Hit OK when youve finished and the share should now be visible on the right plane.
[
![Set Samba Shared Folder Name Location](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][12]
Set Samba Shared Folder Name Location
9. Next, open Group Policy Management console, expand to your domain Default Domain Policy script and open the file for editing.
On the GPM Editor navigate to User Configuration -> Preferences -> Windows Settings and right click on Drive Maps and choose New -> Mapped Drive.
[
![Map Samba Share Folder in Windows](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][13]
Map Samba Share Folder in Windows
10. On the new window search and add the network location for the share by pressing the right button with three dots, check Reconnect checkbox, add a label for this share, choose the letter for this drive and hit OK button to save and apply configuration.
[
![Configure Network Location for Samba Share Directory](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][14]
Configure Network Location for Samba Share Directory
11. Finally, in order to force and apply GPO changes on your local machine without a system restart, open a Command Prompt and run the following command.
```
gpupdate /force
```
[
![Apply GPO Changes](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][15]
Apply GPO Changes
12. After the policy has been successfully applied on your machine, open Windows Explorer and the shared network volume should be visible and accessible, depending on what permissions youve granted for the share on previous steps.
The share will be visible for other clients on your network after they reboot or re-login onto their systems if the group policy will not forced from command line.
[
![Samba Shared Network Volume on Windows](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][16]
Samba Shared Network Volume on Windows
### Step 4: Access the Samba Shared Volume from Linux Clients
13. Linux users from machines that are enrolled into Samba AD DC can also access or mount the share locally by authenticating into the system with a Samba account.
First, they need to assure that the following samba clients and utilities are installed on their systems by issuing the below command.
```
$ sudo apt-get install smbclient cifs-utils
```
14. In order to list the exported shares your domain provides for a specific domain controller machine use the below command:
```
$ smbclient L your_domain_controller U%
or
$ smbclient L \\adc1 U%
```
[
![List Samba Share Directory in Linux](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][17]
List Samba Share Directory in Linux
15. To interactively connect to a samba share from command line with a domain account use the following command:
```
$ sudo smbclient //adc/share_name -U domain_user
```
On command line you can list the content of the share, download or upload files to the share or perform other tasks. Use ? to list all available smbclient commands.
[
![Connect Samba Share Directory in Linux](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][18]
Connect Samba Share Directory in Linux
16. To mount a samba share on a Linux machine use the below command.
```
$ sudo mount //adc/share_name /mnt -o username=domain_user
```
[
![Mount Samba Share Directory in Linux](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][19]
Mount Samba Share Directory in Linux
Replace the host, share name, mount point and domain user accordingly. Use mount command piped with grep to filter only by cifs expression.
As some final conclusions, shares configured on a Samba4 AD DC will work only with Windows access control lists (ACL), not POSIX ACLs.
Configure Samba as a Domain member with file shares in order to achieve other capabilities for a network share. Also, on an Additional Domain Controller [configure Windbindd daemon][20]  Step Two  before you start exporting network shares.
--------------------------------------------------------------------------------
作者简介:
I'am a computer addicted guy, a fan of open source and linux based system software, have about 4 years experience with Linux distributions desktop, servers and bash scripting.
--------------------------------------------------------------------------------
via: 网址
作者:[Matei Cezar][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.tecmint.com/author/cezarmatei/
[1]:http://www.tecmint.com/install-samba4-active-directory-ubuntu/
[2]:http://www.tecmint.com/wp-content/uploads/2017/02/Create-Samba-Shared-Directory.png
[3]:http://www.tecmint.com/wp-content/uploads/2017/02/Configure-Samba-Shared-Directory.png
[4]:http://www.tecmint.com/wp-content/uploads/2017/02/Access-Samba-Share-Directory-from-Windows.png
[5]:http://www.tecmint.com/wp-content/uploads/2017/02/Configure-Samba-Share-Directory-Permissions.png
[6]:http://www.tecmint.com/wp-content/uploads/2017/02/Manage-Samba-Share-Directory-User-Permissions.png
[7]:http://www.tecmint.com/wp-content/uploads/2017/02/Connect-to-Samba-Share-Directory-Machine.png
[8]:http://www.tecmint.com/wp-content/uploads/2017/02/Manage-Samba-Share-Directory-Properties.png
[9]:http://www.tecmint.com/wp-content/uploads/2017/02/Assign-Samba-Share-Directory-Permissions-to-Users.png
[10]:http://www.tecmint.com/manage-samba4-ad-from-windows-via-rsat/
[11]:http://www.tecmint.com/wp-content/uploads/2017/02/Map-Samba-Share-Folder.png
[12]:http://www.tecmint.com/wp-content/uploads/2017/02/Set-Samba-Shared-Folder-Name-Location.png
[13]:http://www.tecmint.com/wp-content/uploads/2017/02/Map-Samba-Share-Folder-in-Windows.png
[14]:http://www.tecmint.com/wp-content/uploads/2017/02/Configure-Network-Location-for-Samba-Share-Directory.png
[15]:http://www.tecmint.com/wp-content/uploads/2017/02/Apply-GPO-Changes.png
[16]:http://www.tecmint.com/wp-content/uploads/2017/02/Samba-Shared-Network-Volume-on-Windows.png
[17]:http://www.tecmint.com/wp-content/uploads/2017/02/List-Samba-Share-Directory-in-Linux.png
[18]:http://www.tecmint.com/wp-content/uploads/2017/02/Connect-Samba-Share-Directory-in-Linux.png
[19]:http://www.tecmint.com/wp-content/uploads/2017/02/Mount-Samba-Share-Directory-in-Linux.png
[20]:http://www.tecmint.com/manage-samba4-active-directory-linux-command-line/
[21]:http://www.tecmint.com/author/cezarmatei/
[22]:http://www.tecmint.com/10-useful-free-linux-ebooks-for-newbies-and-administrators/
[23]:http://www.tecmint.com/free-linux-shell-scripting-books/

2
sources/tech/20170222 Introduction to LaTeXila - a multi-language LaTeX editor for Linux.md
View File

@ -1,3 +1,5 @@
FSSlc translating
Introduction to LaTeXila - a multi-language LaTeX editor for Linux
============================================================

1
sources/tech/20170223 How to install Arch Linux on VirtualBox.md
View File

@ -1,3 +1,4 @@
# rusking translating
How to install Arch Linux on VirtualBox
============================================================

243
sources/tech/20170224 Setting Up a Secure FTP Server using SSL-TLS on Ubuntu.md
View File

@ -1,243 +0,0 @@
translating by DockerChen
Setting Up a Secure FTP Server using SSL/TLS on Ubuntu
============================================================
 Download Your Free eBooks NOW - [10 Free Linux eBooks for Administrators][13] | [4 Free Shell Scripting eBooks][14]
In this tutorial, we will describe how to secure a FTP server (VSFTPD stands for “Very Secure FTP Daemon”) using SSL/TLS in Ubuntu 16.04/16.10.
If youre looking to setup a secure FTP server for CentOS based distributions, you can read  [Secure an FTP Server Using SSL/TLS on CentOS][2]
After following the various steps in this guide, we will have learned the fundamentals of enabling encryption services in a FTP server for secure data transfers is crucial.
#### Requirements
1. You must [Install and Configure a FTP Server in Ubuntu][1]
Before we move further, make sure that all commands in this article will be run as root or [sudo privileged account][3].
### Step 1: Generating SSL/TLS Certificate for FTP on Ubuntu
1. We will begin by creating a subdirectory under: /etc/ssl/ to store the SSL/TLS certificate and key files if it doesnt exist:
```
$ sudo mkdir /etc/ssl/private
```
2. Now lets generate the certificate and key in a single file, by running the command below.
```
$ sudo openssl req -x509 -nodes -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem -days 365 -newkey rsa:2048
```
The above command will prompt you to answer the questions below, dont forget to enter values that applicable to your scenario.
```
Country Name (2 letter code) [XX]:IN
State or Province Name (full name) []:Lower Parel
Locality Name (eg, city) [Default City]:Mumbai
Organization Name (eg, company) [Default Company Ltd]:TecMint.com
Organizational Unit Name (eg, section) []:Linux and Open Source
Common Name (eg, your name or your server's hostname) []:tecmint
Email Address []:admin@tecmint.com
```
### Step 2: Configuring VSFTPD to Use SSL/TLS on Ubuntu
3. Before we perform any VSFTPD configurations, for those who have [UFW firewall enabled][4], you have to open the ports 990 and 40000-50000 to allow TLS connections and the port range of passive ports to set in the VSFTPD configuration file respectively:
```
$ sudo ufw allow 990/tcp
$ sudo ufw allow 40000:50000/tcp
$ sudo ufw status
```
4. Now, open the VSFTPD config file and define the SSL details in it:
```
$ sudo vi /etc/vsftpd/vsftpd.conf
OR
$ sudo nano /etc/vsftpd/vsftpd.conf
```
Then, add or locate the option `ssl_enable` and set its value to YES to activate the use of SSL, again, because TLS is more secure than SSL, we will restrict VSFTPD to use TLS instead, by enabling the `ssl_tlsv1` option:
```
ssl_enable=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
```
5. Next, comment out the lines below using the `#` character as follows:
```
#rsa_cert_file=/etc/ssl/private/ssl-cert-snakeoil.pem
#rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
```
Afterwards, add the lines below to define the location of the SSL certificate and key file:
```
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
```
6. Now, we also have to prevent anonymous users from using SSL, then force all non-anonymous logins to use a secure SSL connection for data transfer and to send the password during login:
```
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
```
7. Furthermore, we can use the options below to add more security features in the FTP server. With option `require_ssl_reuse=YES`, all SSL data connections are required to exhibit SSL session reuse; proving that they know the same master secret as the control channel. So, we should disable it.
```
require_ssl_reuse=NO
```
In addition, we can set which SSL ciphers VSFTPD will permit for encrypted SSL connections with the `ssl_ciphers` option. This will help frustrate any efforts by attackers who try to force a specific cipher which they possibly discovered vulnerabilities in:
```
ssl_ciphers=HIGH
```
8. Then, lets define the port range (min and max port) of passive ports.
```
pasv_min_port=40000
pasv_max_port=50000
```
9. To enable SSL debugging, meaning openSSL connection diagnostics are recorded to the VSFTPD log file, we can use the `debug_ssl` option:
```
debug_ssl=YES
```
Finally save the file and close it. Then restart VSFTPD service:
```
$ systemctl restart vsftpd
```
### Step 3: Verify FTP with SSL/TLS Connections on Ubuntu
10. After performing all the above configurations, test if VSFTPD is now using SSL/TLS connections by trying to [use FTP from the command line][5] as below.
From the output below, there is an error message telling us VSFTPD can only permit users (non-anonymous) to login from secure clients which support encryption services.
```
$ ftp 192.168.56.10
Connected to 192.168.56.10 (192.168.56.10).
220 Welcome to TecMint.com FTP service.
Name (192.168.56.10:root) : ravi
530 Non-anonymous sessions must use encryption.
Login failed.
421 Service not available, remote server has closed connection
ftp>
```
The command line doesnt support encryption services thus resulting to the error above. Therefore, to securely connect to a FTP server with encryption services enabled, we need a FTP client that supports SSL/TLS connections by default, such as FileZilla.
### Step 4:Install FileZilla On Clients to Connect FTP Securely
FileZilla is a powerful, widely used cross-platform FTP client which supports FTP over SSL/TLS and more. To install FileZilla on a Linux client machine, use the following command.
```
--------- On Debian/Ubuntu ---------
$ sudo apt-get install filezilla
--------- On CentOS/RHEL/Fedora ---------
# yum install epel-release filezilla
--------- On Fedora 22+ ---------
$ sudo dnf install filezilla
```
12. Once the installation completes, open it and go to File=>Sites Manager or (press Ctrl+S) to get the Site Manager interface below.
[
![Filezilla Site Manager](http://www.tecmint.com/wp-content/uploads/2017/02/Filezilla-Site-Manager.png)
][6]
Filezilla Site Manager
13. Now, define the host/site name, add the IP address, define the protocol to use, encryption and logon type as in the screen shot below (use values that apply to your scenario):
Click on New Site button to configure a new site/host connection.
```
Host: 192.168.56.10
Protocol: FTP File Transfer Protocol
Encryption: Require explicit FTP over #recommended
Logon Type: Ask for password #recommended
User: username
```
[
![Configure New FTP Site on Filezilla](http://www.tecmint.com/wp-content/uploads/2017/02/Configure-New-FTP-Site-on-Filezilla.png)
][7]
Configure New FTP Site on Filezilla
14. Then click on Connect from the interface above to enter the password, and then verify the certificate being used for the SSL/TLS connection, and click OK once more to connect to the FTP server:
[
![Verify FTP SSL Certificate](http://www.tecmint.com/wp-content/uploads/2017/02/Verify-FTP-SSL-Certificate-1.png)
][8]
Verify FTP SSL Certificate
15. Now, you should have logged successfully into the FTP server over a TLS connection, check the connection status section for more information from the interface below.
[
![Connected to Ubuntu FTP Server](http://www.tecmint.com/wp-content/uploads/2017/02/Connected-Ubuntu-FTP-Server.png)
][9]
Connected to Ubuntu FTP Server
16. Lastly, lets [transfer files from the local machine to the FTP sever][10] in the files folder, take a look at the lower end of the FileZilla interface to view reports concerning file transfers.
[
![Secure FTP File Transfer using Filezilla](http://www.tecmint.com/wp-content/uploads/2017/02/Transfer-Files-Securely-using-FTP.png)
][11]
Secure FTP File Transfer using Filezilla
Thats all! Always remember that installing a FTP server without enabling encryption services has certain security implications. As we explained in this tutorial, you can configure a FTP server to use SSL/TLS connections to implement security in Ubuntu 16.04/16.10.
If you face any issues in setting up SSL/TLS on FTP server, do use the comment form below to share your problems or thoughts concerning this tutorial/topic.
--------------------------------------------------------------------------------
作者简介:
Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.
--------------------------------------------------------------------------------
via: http://www.tecmint.com/secure-ftp-server-using-ssl-tls-on-ubuntu/
作者:[Aaron Kili][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.tecmint.com/author/aaronkili/
[1]:http://www.tecmint.com/install-ftp-server-in-ubuntu/
[2]:http://www.tecmint.com/axel-commandline-download-accelerator-for-linux/
[3]:http://www.tecmint.com/sudoers-configurations-for-setting-sudo-in-linux/
[4]:http://www.tecmint.com/how-to-install-and-configure-ufw-firewall/
[5]:http://www.tecmint.com/sftp-command-examples/
[6]:http://www.tecmint.com/wp-content/uploads/2017/02/Filezilla-Site-Manager.png
[7]:http://www.tecmint.com/wp-content/uploads/2017/02/Configure-New-FTP-Site-on-Filezilla.png
[8]:http://www.tecmint.com/wp-content/uploads/2017/02/Verify-FTP-SSL-Certificate-1.png
[9]:http://www.tecmint.com/wp-content/uploads/2017/02/Connected-Ubuntu-FTP-Server.png
[10]:http://www.tecmint.com/sftp-command-examples/
[11]:http://www.tecmint.com/wp-content/uploads/2017/02/Transfer-Files-Securely-using-FTP.png
[12]:http://www.tecmint.com/author/aaronkili/
[13]:http://www.tecmint.com/10-useful-free-linux-ebooks-for-newbies-and-administrators/
[14]:http://www.tecmint.com/free-linux-shell-scripting-books/

401
sources/tech/20170227 Part 12 - LXD 2.0 Debugging and contributing to LXD .md
View File

@ -1,401 +0,0 @@
# LXD 2.0: Debugging and contributing to LXD [12/12]
![LXD logo](https://linuxcontainers.org/static/img/containers.png)
### Introduction
This is finally it! The last blog post in this [series of 12][3] that started almost a year ago.
If you followed the series from the beginning, you should have been using LXD for quite a bit of time now and be pretty familiar with its day to day operation and capabilities.
But what if something goes wrong? What can you do to track down the problem yourself? And if you cant, what information should you record so that upstream can track down the problem?
And what if you want to fix issues yourself or help improve LXD by implementing the features you need? How do you build, test and contribute to the LXD code base?
## Debugging LXD & filing bug reports
### LXD log files
#### /var/log/lxd/lxd.log
This is the main LXD log file. To avoid filling up your disk very quickly, only log messages marked as INFO, WARNING or ERROR are recorded there by default. You can change that behavior by passing “debug” to the LXD daemon.
#### /var/log/lxd/CONTAINER/lxc.conf
Whenever you start a container, this file is updated with the configuration thats passed to LXC.
This shows exactly how the container will be configured, including all its devices, bind-mounts, …
#### /var/log/lxd/CONTAINER/forkexec.log
This file will contain errors coming from LXC when failing to execute a command.
Its extremely rare for anything to end up in there as LXD usually handles errors much before that.
#### /var/log/lxd/CONTAINER/forkstart.log
This file will contain errors coming from LXC when starting the container.
Its extremely rare for anything to end up in there as LXD usually handles errors much before that.
### CRIU logs (for live migration)
If you are using CRIU for container live migration or live snapshotting there are additional log files recorded every time a CRIU dump is generated or a dump is restored.
Those logs can also be found in /var/log/lxd/CONTAINER/ and are timestamped so that you can find whichever matches your most recent attempt. They will contain a detailed record of everything thats dumped and restored by CRIU and are far better for understanding a failure than the typical migration/snapshot error message.
### LXD debug messages
As mentioned above, you can switch the daemon to doing debug logging with the debug option.
An alternative to that is to connect to the daemons event interface which will show you all log entries, regardless of the configured log level (even works remotely).
An example for “lxc init ubuntu:16.04 xen” would be:
**lxd.log:**
```
INFO[02-24|18:14:09] Starting container action=start created=2017-02-24T23:11:45+0000 ephemeral=false name=xen stateful=false used=1970-01-01T00:00:00+0000
INFO[02-24|18:14:10] Started container action=start created=2017-02-24T23:11:45+0000 ephemeral=false name=xen stateful=false used=1970-01-01T00:00:00+0000
```
**lxc monitor type=logging:**
```
metadata:
context: {}
level: dbug
message: 'New events listener: 9b725741-ffe7-4bfc-8d3e-fe620fc6e00a'
timestamp: 2017-02-24T18:14:01.025989062-05:00
type: logging
metadata:
context:
ip: '@'
method: GET
url: /1.0
level: dbug
message: handling
timestamp: 2017-02-24T18:14:09.341283344-05:00
type: logging
metadata:
context:
driver: storage/zfs
level: dbug
message: StorageCoreInit
timestamp: 2017-02-24T18:14:09.341536477-05:00
type: logging
metadata:
context:
ip: '@'
method: GET
url: /1.0/containers/xen
level: dbug
message: handling
timestamp: 2017-02-24T18:14:09.347709394-05:00
type: logging
metadata:
context:
ip: '@'
method: PUT
url: /1.0/containers/xen/state
level: dbug
message: handling
timestamp: 2017-02-24T18:14:09.357046302-05:00
type: logging
metadata:
context: {}
level: dbug
message: 'New task operation: 2e2cf904-c4c4-4693-881f-57897d602ad3'
timestamp: 2017-02-24T18:14:09.358387853-05:00
type: logging
metadata:
context: {}
level: dbug
message: 'Started task operation: 2e2cf904-c4c4-4693-881f-57897d602ad3'
timestamp: 2017-02-24T18:14:09.358578599-05:00
type: logging
metadata:
context:
ip: '@'
method: GET
url: /1.0/operations/2e2cf904-c4c4-4693-881f-57897d602ad3/wait
level: dbug
message: handling
timestamp: 2017-02-24T18:14:09.366213106-05:00
type: logging
metadata:
context:
driver: storage/zfs
level: dbug
message: StoragePoolInit
timestamp: 2017-02-24T18:14:09.369636451-05:00
type: logging
metadata:
context:
driver: storage/zfs
level: dbug
message: StoragePoolCheck
timestamp: 2017-02-24T18:14:09.369771164-05:00
type: logging
metadata:
context:
container: xen
driver: storage/zfs
level: dbug
message: ContainerMount
timestamp: 2017-02-24T18:14:09.424696767-05:00
type: logging
metadata:
context:
driver: storage/zfs
name: xen
level: dbug
message: ContainerUmount
timestamp: 2017-02-24T18:14:09.432723719-05:00
type: logging
metadata:
context:
container: xen
driver: storage/zfs
level: dbug
message: ContainerMount
timestamp: 2017-02-24T18:14:09.721067917-05:00
type: logging
metadata:
context:
action: start
created: 2017-02-24 23:11:45 +0000 UTC
ephemeral: "false"
name: xen
stateful: "false"
used: 1970-01-01 00:00:00 +0000 UTC
level: info
message: Starting container
timestamp: 2017-02-24T18:14:09.749808518-05:00
type: logging
metadata:
context:
ip: '@'
method: GET
url: /1.0
level: dbug
message: handling
timestamp: 2017-02-24T18:14:09.792551375-05:00
type: logging
metadata:
context:
driver: storage/zfs
level: dbug
message: StorageCoreInit
timestamp: 2017-02-24T18:14:09.792961032-05:00
type: logging
metadata:
context:
ip: '@'
method: GET
url: /internal/containers/23/onstart
level: dbug
message: handling
timestamp: 2017-02-24T18:14:09.800803501-05:00
type: logging
metadata:
context:
driver: storage/zfs
level: dbug
message: StoragePoolInit
timestamp: 2017-02-24T18:14:09.803190248-05:00
type: logging
metadata:
context:
driver: storage/zfs
level: dbug
message: StoragePoolCheck
timestamp: 2017-02-24T18:14:09.803251188-05:00
type: logging
metadata:
context:
container: xen
driver: storage/zfs
level: dbug
message: ContainerMount
timestamp: 2017-02-24T18:14:09.803306055-05:00
type: logging
metadata:
context: {}
level: dbug
message: 'Scheduler: container xen started: re-balancing'
timestamp: 2017-02-24T18:14:09.965080432-05:00
type: logging
metadata:
context:
action: start
created: 2017-02-24 23:11:45 +0000 UTC
ephemeral: "false"
name: xen
stateful: "false"
used: 1970-01-01 00:00:00 +0000 UTC
level: info
message: Started container
timestamp: 2017-02-24T18:14:10.162965059-05:00
type: logging
metadata:
context: {}
level: dbug
message: 'Success for task operation: 2e2cf904-c4c4-4693-881f-57897d602ad3'
timestamp: 2017-02-24T18:14:10.163072893-05:00
type: logging
```
The format from “lxc monitor” is a bit different from what youd get in a log file where each entry is condense into a single line, but more importantly you see all those “level: dbug” entries
## Where to report bugs
### LXD bugs
The best place to report LXD bugs is upstream at [https://github.com/lxc/lxd/issues][4].
Make sure to fill in everything in the bug reporting template as that information saves us a lot of back and forth to reproduce your environment.
### Ubuntu bugs
If you find a problem with the Ubuntu package itself, failing to install, upgrade or remove. Or run into issues with the LXD init scripts. The best place to report such bugs is on Launchpad.
On an Ubuntu system, you can do so with: ubuntu-bug lxd
This will automatically include a number of log files and package information for us to look at.
### CRIU bugs
Bugs that are related to CRIU which you can spot by the usually pretty visible CRIU error output should be reported on Launchpad with: ubuntu-bug criu
Do note that the use of CRIU through LXD is considered to be a beta feature and unless you are willing to pay for support through a support contract with Canonical, it may take a while before we get to look at your bug report.
## Contributing to LXD
LXD is written in [Go][5] and [hosted on Github][6].
We welcome external contributions of any size. There is no CLA or similar legal agreement to sign to contribute to LXD, just the usual Developer Certificate of Ownership (Signed-off-by: line).
We have a number of potential features listed on our issue tracker that can make good starting points for new contributors. Its usually best to first file an issue before starting to work on code, just so everyone knows that youre doing that work and so we can give some early feedback.
### Building LXD from source
Upstream maintains up to date instructions here: [https://github.com/lxc/lxd#building-from-source][7]
Youll want to fork the upstream repository on Github and then push your changes to your branch. We recommend rebasing on upstream LXD daily as we do tend to merge changes pretty regularly.
### Running the testsuite
LXD maintains two sets of tests. Unit tests and integration tests. You can run all of them with:
```
sudo -E make check
```
To run the unit tests only, use:
```
sudo -E go test ./...
```
To run the integration tests, use:
```
cd test
sudo -E ./main.sh
```
That latter one supports quite a number of environment variables to test various storage backends, disable network tests, use a ramdisk or just tweak log output. Some of those are:
* LXD_BACKEND: One of “btrfs”, “dir”, “lvm” or “zfs” (defaults to “dir”)
Lets your run the whole testsuite with any of the LXD storage drivers.
* LXD_CONCURRENT: “true” or “false” (defaults to “false”)
This enables a few extra concurrency tests.
* LXD_DEBUG: “true” or “false” (defaults to “false”)
This will log all shell commands and run all LXD commands in debug mode.
* LXD_INSPECT: “true” or “false” (defaults to “false”)
This will cause the testsuite to hang on failure so you can inspect the environment.
* LXD_LOGS: A directory to dump all LXD log files into (defaults to “”)
The “logs” directory of all spawned LXD daemons will be copied over to this path.
* LXD_OFFLINE: “true” or “false” (defaults to “false”)
Disables any test which relies on outside network connectivity.
* LXD_TEST_IMAGE: path to a LXD image in the unified format (defaults to “”)
Lets you use a custom test image rather than the default minimal busybox image.
* LXD_TMPFS: “true” or “false” (defaults to “false”)
Runs the whole testsuite within a “tmpfs” mount, this can use quite a bit of memory but makes the testsuite significantly faster.
* LXD_VERBOSE: “true” or “false” (defaults to “false”)
A less extreme version of LXD_DEBUG. Shell commands are still logged but debug isnt passed to the LXC commands and the LXD daemon only runs with verbose.
The testsuite will alert you to any missing dependency before it actually runs. A test run on a reasonably fast machine can be done under 10 minutes.
### Sending your branch
Before sending a pull request, youll want to confirm that:
* Your branch has been rebased on the upstream branch
* All your commits messages include the “Signed-off-by: First Last <email>” line
* Youve removed any temporary debugging code you may have used
* Youve squashed related commits together to keep your branch easily reviewable
* The unit and integration tests all pass
Once thats all done, open a pull request on Github. Our [Jenkins][8] will validate that the commits are all signed-off, a test build on MacOS and Windows will automatically be performed and if things look good, well trigger a full Jenkins test run that will test your branch on all storage backends, 32bit and 64bit and all the Go versions we care about.
This typically takes less than an hour to happen, assuming one of us is around to trigger Jenkins.
Once all the tests are done and were happy with the code itself, your branch will be merged into master and your code will be in the next LXD feature release. If the changes are suitable for the LXD stable-2.0 branch, well backport them for you.
# Conclusion
I hope this series of blog post has been helpful in understanding what LXD is and what it can do!
This series scope was limited to the LTS version of LXD (2.0.x) but we also do monthly feature releases for those who want the latest features. You can find a few other blog posts covering such features listed in the original [LXD 2.0 series post][9].
# Extra information
The main LXD website is at: [https://linuxcontainers.org/lxd
][10]Development happens on Github at: [https://github.com/lxc/lxd][11]
Mailing-list support happens on: [https://lists.linuxcontainers.org][12]
IRC support happens in: #lxcontainers on irc.freenode.net
Try LXD online: [https://linuxcontainers.org/lxd/try-it][13]
--------------------------------------------------------------------------------
via: https://stgraber.org/2017/02/27/lxd-2-0-debugging-and-contributing-to-lxd-1212/
作者:[Stéphane Graber ][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://stgraber.org/author/stgraber/
[1]:https://stgraber.org/author/stgraber/
[2]:https://www.stgraber.org/2016/03/11/lxd-2-0-blog-post-series-012/
[3]:https://stgraber.org/2016/03/11/lxd-2-0-blog-post-series-012/
[4]:https://github.com/lxc/lxd/issues
[5]:https://golang.org/
[6]:https://github.com/lxc/lxd
[7]:https://github.com/lxc/lxd#building-from-source
[8]:https://jenkins.linuxcontainers.org/
[9]:https://stgraber.org/2016/03/11/lxd-2-0-blog-post-series-012/
[10]:https://linuxcontainers.org/lxd
[11]:https://github.com/lxc/lxd
[12]:https://lists.linuxcontainers.org/
[13]:https://linuxcontainers.org/lxd/try-it
[14]:https://stgraber.org/2017/02/27/lxd-2-0-debugging-and-contributing-to-lxd-1212/

91
sources/tech/20170306 How to Upgrade Kernel to Latest Version in Ubuntu.md
View File

@ -1,91 +0,0 @@
How to Upgrade Kernel to Latest Version in Ubuntu
============================================================
Periodically new devices and technology coming out and its important to keep our Linux system kernel up-to-date if we want to get the most of out it. Moreover, updating system kernel will ease us to take advantage of new kernel fuctions and also it helps us to protect ourselves from vulnerabilities that have been found in earlier versions.
**Suggested Read:** [How to Upgrade Kernel in CentOS 7][1]
Ready to update your kernel on Ubuntu 16.04 or one of their derivatives such as Debian and Linux Mint? If so, keep reading!
### Step 1: Check Installed Kernel Version
To find the current version of installed kernel on our system we can do:
```
$ uname -sr
```
The following image shows the output of the above command in a Ubuntu 16.04 server:
[
![Check Kernel Version in Ubuntu](http://www.tecmint.com/wp-content/uploads/2017/03/Check-Kernel-Version-in-Ubuntu.png)
][2]
Check Kernel Version in Ubuntu
### Step 2: Upgrading Kernel in Ubuntu 16.04
To upgrade the kernel in Ubuntu 16.04, go to [http://kernel.ubuntu.com/~kernel-ppa/mainline/][3] and choose the desired version from the list by clicking on it.
Next, download the `.deb` files for your system architecture (see highlighted in yellow below for a 32-bit system):
```
$ wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.9.13/linux-headers-4.9.13-040913_4.9.13-040913.201702260631_all.deb
$ wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.9.13/linux-headers-4.9.13-040913-generic_4.9.13-040913.201702260631_i386.deb
$ wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.9.13/linux-image-4.9.13-040913-generic_4.9.13-040913.201702260631_i386.deb
```
Once youve downloaded all the above kernel files, now install them as follows:
```
$ sudo dpkg -i *.deb
```
Once the installation is complete, reboot your machine and verify that the new kernel version is being used:
```
$ uname -sr
```
And thats it. You are now using a much more recent kernel version than the one installed by default with Ubuntu 16.04.
##### Summary
In this article weve shown how to easily upgrade the Linux kernel on Ubuntu system. There is yet another procedure which we havent showed here as it requires compiling the kernel from source, which is not recommended on production Linux systems.
If youre still interested in compiling the kernel as a learning experience, you will get the instructions on how to do it at the [Kernel Newbies][4] page.
As always, feel free to use the form below if you have any questions or comments about this article.
--------------------------------------------------------------------------------
作者简介:
Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.
--------------------------------------------------------------------------------
作者简介:
Gabriel Cánepa is a GNU/Linux sysadmin and web developer from Villa Mercedes, San Luis, Argentina. He works for a worldwide leading consumer product company and takes great pleasure in using FOSS tools to increase productivity in all areas of his daily work.
--------------------------------------------------------------------------------
via: http://www.tecmint.com/upgrade-kernel-in-ubuntu/
作者:[Gabriel Cánepa][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.tecmint.com/author/gacanepa/
[1]:http://www.tecmint.com/install-upgrade-kernel-version-in-centos-7/
[2]:http://www.tecmint.com/wp-content/uploads/2017/03/Check-Kernel-Version-in-Ubuntu.png
[3]:http://kernel.ubuntu.com/~kernel-ppa/mainline/
[4]:https://kernelnewbies.org/KernelBuild
[5]:http://www.tecmint.com/author/gacanepa/
[6]:http://www.tecmint.com/10-useful-free-linux-ebooks-for-newbies-and-administrators/
[7]:http://www.tecmint.com/free-linux-shell-scripting-books/

58
sources/tech/20170307 How to make release notes count.md
View File

@ -1,58 +0,0 @@
How to make release notes count
============================================================
![How to make release notes count](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/rh_003784_02_os.comcareers_resume_rh1x.png?itok=CK6VJq5w "How to make release notes count")
>Image by : opensource.com
Congratulations! You're ready to ship the latest release of your software package. Now you need to make sure your release notes are in order. Sure, you could just slap "bug fixes and performance improvements" on the box and call it a day, but that doesn't really tell your users anything.
Release notes are for both support and marketing. They tell your current users why this new release is important to them and showcase your software to potential users. Thus, you want to make the content clear, understandable, and most importantly, relevant. There's no one way to write release notes, so this is general advice, not an edict.
One popular trend is to make the release notes a narrative that includes a lot of silliness. If that's your thing, go for it—just remember that jokes are often context-sensitive, and what you think is hilarious might be totally lost on your readers. And, of course, you can't forget to include the important information.
### Getting started
Perhaps the single most important takeaway from this article is to write your release notes for the people who will read them. For user-facing software, focus on the user-facing behavior instead of the internal implementation. For example, say, "Clicking the 'Cancel' button will light your computer on fire," instead of "thermalEventTrigger defaulted to True in the cancelThatThing function."
Try to limit each note to a sentence or two. The point is to highlight the important part, not give a detailed explanation. If you have a public issue tracker, include a link (or at least an issue number) where readers can go find details if they're so inclined.
You don't have to lay out your release notes this way, but I like the following format. Start with the version number and release date. For major releases, you might also include a few sentences to highlight the major theme. For example, "This release focuses on adding an email client, because that's the eventual end state of all software."
### Compatibility changes
If the new release introduces changes in compatibility or default behavior, highlight those explicitly. Your users will thank you, as will anyone who provides user support. Describe the cases where the behavior change will be encountered, how to address the change, and what happens if the user doesn't act on the change. For minor releases, you probably don't have any incompatible changes, so you can leave out this section.
### Features and enhancements
Now is the time to brag about all of the cool, new stuff your software does, but remember to focus on the user's perspective. For example, "The software now supports the automatic detection of pictures of lunch and posts them to Instagram."
### Issues resolved
No software is perfect, and this is the section where you tell readers about all of the hard work your team did to make the project a little better. Write these notes in the past tense, because the bad behavior is dead and gone. If it's clear where the bug was introduced, include that information. Some projects include bugs in the documentation in this section as well.
### Known issues
Because no software is perfect, there are always bugs left unsquashed. This section is the place to list those. You don't have to confess everything; focus on the bugs that impact functionality, especially if they were discovered since the last release. Write these in the future tense, and when you've addressed it, you just have to change the verb tense and it's ready to move up a section.
--------------------------------------------------------------------------------
作者简介:
Ben Cotton - Ben Cotton is a meteorologist by training and a high-performance computing engineer by trade. Ben works as a technical evangelist at Cycle Computing. He is a Fedora user and contributor, co-founded a local open source meetup group, and is a member of the Open Source Initiative and a supporter of Software Freedom Conservancy. Find him on Twitter (@FunnelFiasco)
--------------
via: https://opensource.com/article/17/3/how-to-improve-release-notes
作者:[Ben Cotton][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://opensource.com/users/bcotton
[1]:https://opensource.com/article/17/3/how-to-improve-release-notes?rate=81ry_1MGfmsPXV6_y_4St2DQI4XyJAqIzs4yTNtUrpA
[2]:https://opensource.com/user/30131/feed
[3]:https://opensource.com/article/17/3/how-to-improve-release-notes#comments
[4]:https://opensource.com/users/bcotton

38
sources/tech/linux-distro -explain/20140513 What is Debian A brief introduction.md
View File

@ -1,38 +0,0 @@
zschong 翻译中
### What is Debian? A brief introduction
Hello buddies.!! 
Today we have something interesting for you. We are gonna introduce the Linux world to you slowly and steadily. 
YOU MAY ALSO LIKE- [What is Linux? A brief description.][2]
and  [How to install Desktop Gadgets in Linux using screenlets? ][1]
 So here's the first piece of our intro series. Today we are going to know about Debian. It is one of the first Linux distribution. Debian was initially launched at 1993 August. The name Debian was given by the creator of Debian, Ian Murdock and his wife Debra.
Debian is a huge set of open-source packages. Debian also supports installation of non-free packages, but the number is big in free packages. According to official source Debian contains about 37500 free packages in its repository. And Debian provides all this for free of cost. A team of around thousand or more people work on Debian to make it better.
The latest stable release of Debian is 7.5 Wheezy. Debian has also released the alpha 8.0 Jesse for further development. By default, Debian uses Gnome desktop environment. But it also gives an option to choose between Gnome, KDE, Xfce and LXDE environments too. Debian is very easy to install due to its graphical installer.
Debian is robust and secure Operating system. Debian supports most of hardware and architectures, so you usually don't have to worry about whether it will run on your PC or not. Now the thing is drivers? you must be wondering how to get drivers for Debian. Do not worry, for most of new and old hardware the community of Debian has made drivers. So you don't have to wait for your vendor to make drivers for your hardware. And once again as it's open-source, so it's all for free.
Debian is supported by the community. So you can be assured that your problem will definitely get solved as there are actual users of Debian supporting you. Debian has wide range of software to choose from, which is of course free of cost. Debian is also very stable and powerful OS, which will give you amazing performance, security, a good Graphical user Interface (GUI) and also ease of use.
When it comes to stability, we mean less crash and hangs but more performance. Debian fulfill this role very well. Debian is also very easy to upgrade. The Debian team has worked hard to compile all the packages in there repository so that we can easily find them and install in our system.
So overall, it's been 20 years for Debian. So we can see the hard work and dedication of Debian team to keep it in the best condition for users. Debian can be installed either via buying a DVD or by downloading ISO files. So we would like to suggest you to give Debian a try. It has lots of things on grand scale to provide you.
Debian is the first one in our Introduction of Linux world section. We will be back with another Linux distribution next time. Stay tuned, there is lot more in Linux world. Till then, ciao.
--------------------------------------------------------------------------------
via: http://www.techphylum.com/2014/05/what-is-debian-brief-introduction.html
作者:[sumit rohankar ][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://plus.google.com/112160169713374382262
[1]:http://www.techphylum.com/2014/05/desktop-gadgets-in-linux-ubuntu.html
[2]:http://www.techphylum.com/2014/05/what-is-linux-brief-description.html?m=1

6
translated/talk/The history of Android/17 - The history of Android.md
View File

@ -52,7 +52,7 @@ Ron Amadeo 供图
音乐应用终于得到了一直以来都需要的完全重新设计。
Ron Amadeo 供图
尽管音乐应用之前有得到一些小的加强,但这是自安卓 0.9 以来它第一次受到正视。重新设计的亮点是一个“别叫它封面流滚动 3D 专辑封面视图”,称作“最新和最近”。导航由操作栏的下拉框解决,取代了安卓 2.1 引入的标签页导航。尽管“最新和最近”有个 3D 滚动专辑封面,“专辑”使用的是专辑略缩图的平面方阵。另一个部分也有个完全不同的设计。“歌曲”使用了垂直滚动的文本列表,“播放列表”,“年代”和“艺术家”用的是堆砌专辑显示。
尽管音乐应用之前有得到一些小的加强,但这是自安卓 0.9 以来它第一次受到正视。重新设计的亮点是一个“不叫滚动封面的 3D 专辑封面视图”,称作“最新和最近”。导航由操作栏的下拉框解决,取代了安卓 2.1 引入的标签页导航。尽管“最新和最近”有个 3D 滚动专辑封面,“专辑”使用的是专辑略缩图的平面方阵。另一个部分也有个完全不同的设计。“歌曲”使用了垂直滚动的文本列表,“播放列表”,“年代”和“艺术家”用的是堆砌专辑显示。
在几乎每个视图中,每个单独的项目有它自己单独的菜单,通常在每项的右下角有个小箭头。眼下这里只会显示“播放”和“添加到播放列表”,但这个版本的谷歌音乐是为未来搭建的。谷歌不久后就要发布音乐服务,这些独立菜单在像是在音乐商店里浏览该艺术家的其它内容,或是管理云存储和本地存储时将会是不可或缺的。
@ -64,7 +64,7 @@ Ron Amadeo 供图
谷歌地图也为大屏幕进行了重新设计。这个设计将会持续一段时间,它对所有的控制选项用了一个半透明的黑色操作栏。搜索再次成为主要功能,占据了操作栏显要位置,但这回可是真的搜索栏,你可以在里面输入关键字,不像以前那个搜索栏形状的按钮会打开完全不同的界面。谷歌最终还是放弃了给缩放控件留屏幕空间,仅仅依靠手势来控制地图显示。尽管 3D 建筑轮廓这个特性已经被移植到了旧版本的地图中,蜂巢依然是拥有这个特性的第一个版本。双指在地图上向下拖放会“倾斜”地图的视角,展示建筑的侧面。你可以随意旋转,建筑同样会跟着进行调整。
并不是所有部分都进行了重新设计。导航自姜饼以来就没动过,还有些界面的核心部分,像是路线,直接从安卓 1.6 的设计拿出来,放到一个小盒子里居中放置,仅此而已。
并不是所有部分都进行了重新设计。导航自姜饼以来就没动过,还有些界面的核心部分,比如路线,直接从安卓 1.6 的设计拿出来,放到一个小盒子里居中放置,仅此而已。
----------
@ -78,7 +78,7 @@ Ron Amadeo 供图
via: http://arstechnica.com/gadgets/2014/06/building-android-a-40000-word-history-of-googles-mobile-os/17/
译者:[alim0x](https://github.com/alim0x) 校对:[校对者ID](https://github.com/校对者ID)
译者:[alim0x](https://github.com/alim0x) 校对:[Bestony](https://github.com/Bestony)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出

48
translated/tech/20170213 Orange Pi as Time Machine Server.md
View File

@ -1,18 +1,18 @@
使用Orange Pi搭建Time Machine服务
使用 Orange Pi 搭建 Time Machine 服务
=================================
![Orange Pi as Time Machine Server](https://i1.wp.com/piboards.com/wp-content/uploads/2017/02/OPiTM.png?resize=960%2C450)
有一个项目是安排各类家用计算机进行自动备份。该项目将重要数据存放在一组Macs中。但是我决定将那些运行[Armbian][4] Linux的[Orange Pi][3]用来做实验,目的是希望能够将[Time Machine][5]运行在安装了USB网络驱动的Orange Pi主板上。在这种情况下我找到成功安装Netatalk的方法
的一个项目是为各类家用计算机安排进行自动备份,包括存放重要数据的一组 Mac 主机。所以,我决定使用运行 [Armbian][4] Linux 的便宜的 [Orange Pi][3] 做实验,目的是希望能够将 [Time Machine][5] 通过网络工作在 Orange Pi 主板上的 USB 驱动器工作。在这种情况下,我找到方法并成功安装了 Netatalk
[Netatalk][6]是一个开源软件,用于苹果文件服务器。通过[Avahi][7]和Netatalk配合运行你的Mac设备能够识别网络上的Orange Pi设备并会将Orange pi设备当作Mac类型的设备。这使得你能够自动连接作为网络设备更重要的是使得Time Machine能够发现并使用远程驱动。下面的指南能够帮助你在Macs上设置类似的备份机制
[Netatalk][6] 是一个开源软件,用于苹果文件服务器。通过 [Avahi][7] 和 Netatalk 配合运行,你的 Mac 设备能够识别网络上的 Orange Pi 设备,甚至会将 Orange pi 设备当作 “Mac” 类型的设备。这使得你能够手动连接到网络设备,更重要的是使得 Time Machine 能够发现并使用远程驱动器。如果你想在 Mac 上设置类似的备份机制,下面的指南也许能够帮到你
### 准备工作
为了安装USB驱动我首先尝试了HFS+格式文件系统,不幸的是我没能成功写入。所以我选择创建一个EXT4文件系统并确保pi用户有读写权限。Linux有很多格式化磁盘的方法,但是我最喜欢(推荐)的仍然是[gparted][8]。由于gparted已经集成在Armbian桌面了所以我直接使用了该工具。
为了安装 USB 驱动,我首先尝试了 HFS+ 格式文件系统,不幸的是我没能成功写入。所以我选择创建一个 EXT4 文件系统,并确保用户 “pi” 有读写权限。Linux 有很多格式化磁盘的方法,但是我最喜欢(而且推荐)的仍然是 [gparted][8]。由于 gparted 已经集成在 Armbian 桌面了,所以我直接使用了该工具。
我预期的是当Pi主板启动或者USB驱动连接的时候这个设备能够自动挂载到相同的位置。于是我创建了一个目录用于挂载新建一个tm目录用于真正的备份地址并将tm的所有者更改为pi。
我预期的是当 Pi 主板启动或者 USB 驱动连接的时候这个设备能够自动挂载到相同的位置。于是我创建了一个目录用于挂载:新建一个 tm 目录用于真正的备份地址,并将tm的所有者更改为用户 pi。
```
cd /mnt
@ -22,7 +22,7 @@ sudo mkdir tm
sudo chown pi:pi tm
```
下一步,我打开一个终端并编辑/etc/fstab文件
下一步,我打开一个终端并编辑 /etc/fstab 文件
```
sudo nano /etc/fstab
@ -40,9 +40,9 @@ sudo nano /etc/fstab
sudo apt-get install build-essential libevent-dev libssl-dev libgcrypt11-dev libkrb5-dev libpam0g-dev libwrap0-dev libdb-dev libtdb-dev libmysqlclient-dev avahi-daemon libavahi-client-dev libacl1-dev libldap2-dev libcrack2-dev systemtap-sdt-dev libdbus-1-dev libdbus-glib-1-dev libglib2.0-dev libio-socket-inet6-perl tracker libtracker-sparql-1.0-dev libtracker-miner-1.0-dev hfsprogs hfsutils avahi-daemon
```
### 安装并配置Netatalk
### 安装并配置 Netatalk
下一步是下载Netatalk解压下载的archive文件然后切换到Netatalk目录
下一步是下载 Netatalk解压下载的 archive 文件,然后切换到 Netatalk 目录:
```
wget https://sourceforge.net/projects/netatalk/files/netatalk/3.1.10/netatalk-3.1.10.tar.bz2
@ -50,38 +50,38 @@ tar xvf netatalk-3.1.10.tar.bz2
cd netatalk-3.1.10
```
然后需要顺序执行configuremakemake install命令安装软件。在netatalk-3.1.10目录中执行configure命令这个命令需要花点时间才能执行完。
然后需要顺序执行 configuremakemake install 命令安装软件。在 netatalk-3.1.10 目录中执行 configure 命令,这个命令需要花点时间才能执行完。
```
./configure --with-init-style=debian-systemd --without-libevent --without-tdb --with-cracklib --enable-krbV-uam --with-pam-confdir=/etc/pam.d --with-dbus-daemon=/usr/bin/dbus-daemon --with-dbus-sysconf-dir=/etc/dbus-1/system.d --with-tracker-pkgconfig-version=1.0
```
configure运行完成后执行make
configure 运行完成后执行 make
```
make
```
执行完make命令需要花较长时间可以考虑喝杯咖啡或者做点其他什么。当执行完后执行以下命令:
执行完 make 命令需要花较长时间,可以考虑喝杯咖啡或者做点其他什么。之后,执行以下命令:
```
sudo make install
```
这个命令能够快速执行完成。现在你可以通过下面两个命令验证安装是否成功以及查找配置文件位置。
这个命令能够快速执行完成。现在你可以通过下面两个命令验证安装是否成功,同时找到配置文件位置。
```
sudo netatalk -V
sudo afpd -V
```
然后你需要编辑afp.conf配置文件并在其中指定Time Machine备份路径可以访问的帐号名并指定是否使用[Spotlight][9]用于搜索备份
然后你需要编辑 afp.conf 配置文件并在其中指定 Time Machine 备份路径,可以访问的帐号名并指定是否使用 [Spotlight][9] 为备份建立索引
```
sudo nano /usr/local/etc/afp.conf
```
下面是afp.conf的配置示例
下面是 afp.conf 的配置示例:
```
[My Time Machine Volume]
@ -90,7 +90,7 @@ valid users = pi
time machine = yes
spotlight = no
```
最后,设置Avahi和Netatalk并启动。
最后,启用 Avahi 和 Netatalk 并启动。
```
sudo systemctl enable avahi-daemon
@ -99,29 +99,29 @@ sudo systemctl start avahi-daemon
sudo systemctl start netatalk
```
### 连接到网络驱动
### 连接到网络驱动
此时,你的Mac可能已经发现并识别了你的Pi设备。打开Mac中的Finder访问下面地址看看以下内容:
此时,你的 Mac 可能已经发现并识别了你的 Pi 设备和网络驱动器。打开 Mac 中的 Finder看看是否有像下面的内容:
![](https://i2.wp.com/piboards.com/wp-content/uploads/2017/02/TM_drive.png?resize=241%2C89)
当然你也可以通过host或者ip地址访问,比如:
当然你也可以通过主机名或者 ip 地址访问,比如:
```
afp://192.168.1.25
```
### Time Machine备份
### Time Machine Backup
最后打开Mac上的Time Machine然后选中硬盘选择Orange pi。
### Time Machine 备份
最后,打开 Mac 上的 Time Machine然后选中硬盘选择 Orange pi。
![](https://i1.wp.com/piboards.com/wp-content/uploads/2017/02/OPiTM.png?resize=579%2C381)
通过这样设置后Orange Pi肯定能够正常工作并能够像champ一样处理不过这并不是最快速的备份方式。但是这个方法比较简单且便宜,并且正如其展示的一样能够正常工作。如果你已经成功或者改进了这些设置,请在下面留言或者发送消息给我。
这样设置肯定有效Orange Pi 能够很好的处理进程,不过这可能并不是最快速的备份方式。但是,这个方法比较简单且便宜,并且正如其展示的一样能够正常工作。如果对这些设置你已经成功或者进行了改进,请在下面留言或者发送消息给我。
![](https://i0.wp.com/piboards.com/wp-content/uploads/2017/02/backup_complete.png?resize=300%2C71)
Amazon上有售卖Orange Pi主板:
Amazon 上有售卖 Orange Pi 主板。
--------------------------------------------------------------------------------
@ -129,7 +129,7 @@ via: http://piboards.com/2017/02/13/orange-pi-as-time-machine-server/
作者:[MIKE WILMOTH][a]
译者:[beyondworld](https://github.com/beyondworld)
校对:[校对者ID](https://github.com/校对者ID)
校对:[jasminepeng](https://github.com/jasminepeng)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

270
translated/tech/20170222 Create a Shared Directory on Samba AD DC and Map to WindowsLinux Clients – Part 7.md Normal file
View File

@ -0,0 +1,270 @@
Create a Shared Directory on Samba AD DC and Map to Windows/Linux Clients Part 7
============================================================
在 Samba AD DC 服务器上创建共享目录并映射到 Windows/Linux 客户机 ——(七)
这篇文章将指导你如何在 Samba AD DC 服务器上创建共享目录,然后通过 GPO 把共享目录挂载到域中的其它 Windows 成员机,并且从 Windows 域控的角度来管理共享权限。
这篇文章也包括在加入域的 Linux 机器上如何使用 Samba4 域帐号来访问及挂载共享文件。
#### 需求:
1. [在 Ubuntu 系统上使用 Samba4 创建活动目录架构][1]
### 第一步:创建 Samba 文件共享
1、在 Samba AD DC 服务器上创建共享非常简单。首先创建一个你想通过 SMB 协议来分享文件的目录,然后添加下面的文件系统权限,这是为了让 Windows AD DC 管理员给 Windows 客户端分配相应的共享权限。
假设在 AD DC 服务器上有一个新的共享目录 '/nas' ,执行下面的命令来授予必要的权限。
```
# mkdir /nas
# chmod -R 775 /nas
# chown -R root:"domain users" /nas
# ls -alh | grep nas
```
[
![Create Samba Shared Directory](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][2]
创建 Samba 共享目录
2、当你在 Samba4 AD DC 服务器上创建完成共享目录之后,你还得修改 samba 配置文件,添加下面的参数以允许通过 SMB 协议来共享文件。
```
# nano /etc/samba/smb.conf
```
在配置文件末尾添加以下内容:
```
[nas]
path = /nas
read only = no
```
[
![Configure Samba Shared Directory](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][3]
配置 Samba 共享目录
3、最后你需要通过下面的命令重启 Samba AD DC 服务,以让修改的配置生效:
```
# systemctl restart samba-ad-dc.service
```
### 第二步:管理 Samba 共享权限
4、我们准备使用在 Samba AD DC 服务器上创建的域帐号(包括用户和组)来访问这个共享目录(禁止 Linux 系统用户访问共享目录)。
可以直接通过 Windows 资源管理器来完成 Samba 共享权限的管理,就跟你在 Windows 资源管理器中设置其它文件夹权限的方法一样。
首先,使用具有管理员权限的 Samba4 AD 域帐号登录到 Windows 机器。然而在 Windows 机器上的资源管理器中输入双斜杠和 Samba AD DC 服务器的 IP 地址或主机名或者是 FQDN 来访问共享文件和设置权限。
```
\\adc1
Or
\\192.168.1.254
Or
\\adc1.tecmint.lan
```
[
![Access Samba Share Directory from Windows](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][4]
从 Windows 机器访问 Samba 共享目录
5、右键单击共享文件选择属性来设置权限。打开安全选项卡依次修改域账号和组权限。使用高级选项来调整权限。
[
![Configure Samba Share Directory Permissions](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][5]
配置 Samba 共享目录权限
可参考下面的截图来为指定 Samba AD DC 认证用户设置权限。
[
![Manage Samba Share Directory User Permissions](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][6]
设置 Samba 共享目录用户权限
6、你也可以使用其它方法来设置共享权限打开计算机管理-->连接到另外一台计算机。
找到共享目录,右键单击你想修改权限的目录,选择属性,打开安全选项卡。你可以在这里修改任何权限,就跟上图的修改共享文件夹权限的方法一样。
[
![Connect to Samba Share Directory Machine](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][7]
连接到 Samba 共享目录服务器
[
![Manage Samba Share Directory Properties](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][8]
管理 Samba 共享目录属性
[
![Assign Samba Share Directory Permissions to Users](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][9]
为域用户授予共享目录权限
### 第三步:通过 GPO 来映射 Samba 文件共享
7、要想通过域组策略来挂载 Samba 共享的目录,你得先到一台[已安装了 RSAT 工具][10] 的服务器上,打开 AD DC 工具,右键单击域名,选择新建-->共享文件平。
[
![Map Samba Share Folder](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][11]
映射 Samba 共享文件夹
8、为共享文件夹添加一个名字然后输入共享文件夹的网络路径如下图所示。完成后单击 OK 按钮,你就可以在右侧看到文件夹了。
[
![Set Samba Shared Folder Name Location](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][12]
设置 Samba 共享文件夹名称及路径
9、下一步打开组策略管理控制台找到当前域的默认域策略脚本然后打开并编辑该文件。
在 GPM 编辑器界面,打开 GPM 编辑器,找到用户配置 --> 首选项 --> Windows 设置,然而右键单击驱动器映射,选择新建 --> 映射驱动。
[
![Map Samba Share Folder in Windows](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][13]
在 Windows 机器上映射 Samba 共享文件夹
10、通过单击右边的三个小点在新窗口中查询并添加共享目录的网络位置勾选重新连接复选框为该目录添加一个标签选择驱动盘符然后单击 OK 按钮来保存和应用配置。
[
![Configure Network Location for Samba Share Directory](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][14]
配置 Samba 共享目录的网络位置
11、最后为了在本地机器上强制应用 GPO 更改而不重启系统,打开命令行提示符,然而执行下面的命令。
```
gpupdate /force
```
[
![Apply GPO Changes](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][15]
应用 GPO 更改
12、当你在本地机器上成功应用策略后打开 Windows 资源管理器,你就可以看到并访问共享的网络文件夹了,能否正常访问共享目录取决于你在前一步的授权操作。
如果没有在命令行下强制应用组策略,你网络中的其它客户机需要重启或重新登录系统才可以看到共享目录。
[
![Samba Shared Network Volume on Windows](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][16]
Windows 机器上挂载的 Samba 网络磁盘
### 第四步:从 Linux 客户端访问 Samba 共享目录
13、已加入 Samba AD DC 中的 Linux 成员机上的系统用户也可以可以使用 Samba 帐号访问或在本地挂载共享目录。
首先,你得通过下面的命令来确保 Samba 客户端和工具已经安装完成。
```
$ sudo apt-get install smbclient cifs-utils
```
14、为了列出域环境中的共享目录你可以通过下面的命令加入指定的域控服务器主机名来查询
```
$ smbclient L your_domain_controller U%
or
$ smbclient L \\adc1 U%
```
[
![List Samba Share Directory in Linux](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][17]
在 Linux 机器上列出 Samba 共享目录
15、在命令行下使用域帐号以交互试方式连接到 Samba 共享目录:
```
$ sudo smbclient //adc/share_name -U domain_user
```
在命令行下,你可以列出共享目录内容,下载或上传文件到共享目录,或者执行其它操作。使用 来查询所有可用的 smbclient 命令。
[
![Connect Samba Share Directory in Linux](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][18]
在 Linux 机器上连接 Samba 共享目录
16、在 Linux 机器上使用下面的命令来挂载 samba 共享目录。
```
$ sudo mount //adc/share_name /mnt -o username=domain_user
```
[
![Mount Samba Share Directory in Linux](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][19]
在 Linux 机器上挂载 samba 共享目录
根据实际情况,依次替换主机名、共享目录名、挂载点和域帐号。使用 mount 命令加上管道符和 grep 参数来过滤出 cifs 类型的文件系统。
通过上面的测试我们可以看出 Samba4 AD DC 服务器上配置共享目录仅使用 Windows 访问控制列表( ACL ),而不是 POSIX ACL 。
通过文件共享把 Samba 配置为域成员以使用其它网络共享功能。同时,在另一个域控制器上[配置 Windbindd 服务][20] ——第二步——在你开始发起网络共享文件之前。
--------------------------------------------------------------------------------
作者简介:
我是一个电脑迷,开源 Linux 系统和软件爱好者,有 4 年多的 Linux 桌面、服务器系统使用和 Base 编程经验。
译者简介:
春城初春/春水初生/春林初盛/春風十裏不如妳
[rusking](https://github.com/rusking)
--------------------------------------------------------------------------------
via: http://www.tecmint.com/create-shared-directory-on-samba-ad-dc-and-map-to-windows-linux/
作者:[Matei Cezar][a]
译者:[rusking](https://github.com/rusking)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.tecmint.com/author/cezarmatei/
[1]:http://www.tecmint.com/install-samba4-active-directory-ubuntu/
[2]:http://www.tecmint.com/wp-content/uploads/2017/02/Create-Samba-Shared-Directory.png
[3]:http://www.tecmint.com/wp-content/uploads/2017/02/Configure-Samba-Shared-Directory.png
[4]:http://www.tecmint.com/wp-content/uploads/2017/02/Access-Samba-Share-Directory-from-Windows.png
[5]:http://www.tecmint.com/wp-content/uploads/2017/02/Configure-Samba-Share-Directory-Permissions.png
[6]:http://www.tecmint.com/wp-content/uploads/2017/02/Manage-Samba-Share-Directory-User-Permissions.png
[7]:http://www.tecmint.com/wp-content/uploads/2017/02/Connect-to-Samba-Share-Directory-Machine.png
[8]:http://www.tecmint.com/wp-content/uploads/2017/02/Manage-Samba-Share-Directory-Properties.png
[9]:http://www.tecmint.com/wp-content/uploads/2017/02/Assign-Samba-Share-Directory-Permissions-to-Users.png
[10]:http://www.tecmint.com/manage-samba4-ad-from-windows-via-rsat/
[11]:http://www.tecmint.com/wp-content/uploads/2017/02/Map-Samba-Share-Folder.png
[12]:http://www.tecmint.com/wp-content/uploads/2017/02/Set-Samba-Shared-Folder-Name-Location.png
[13]:http://www.tecmint.com/wp-content/uploads/2017/02/Map-Samba-Share-Folder-in-Windows.png
[14]:http://www.tecmint.com/wp-content/uploads/2017/02/Configure-Network-Location-for-Samba-Share-Directory.png
[15]:http://www.tecmint.com/wp-content/uploads/2017/02/Apply-GPO-Changes.png
[16]:http://www.tecmint.com/wp-content/uploads/2017/02/Samba-Shared-Network-Volume-on-Windows.png
[17]:http://www.tecmint.com/wp-content/uploads/2017/02/List-Samba-Share-Directory-in-Linux.png
[18]:http://www.tecmint.com/wp-content/uploads/2017/02/Connect-Samba-Share-Directory-in-Linux.png
[19]:http://www.tecmint.com/wp-content/uploads/2017/02/Mount-Samba-Share-Directory-in-Linux.png
[20]:http://www.tecmint.com/manage-samba4-active-directory-linux-command-line/
[21]:http://www.tecmint.com/author/cezarmatei/
[22]:http://www.tecmint.com/10-useful-free-linux-ebooks-for-newbies-and-administrators/
[23]:http://www.tecmint.com/free-linux-shell-scripting-books/

244
translated/tech/20170224 Setting Up a Secure FTP Server using SSL-TLS on Ubuntu.md Normal file
View File

@ -0,0 +1,244 @@
在Ubuntu上使用SSL/TLS搭建一个安全的FTP服务器
============================================================
立即下载你的免费电子书 - [10本免费的Linux管理员电子书][13] | [4本免费的shell脚本电子书][14]
在本教程中我们将介绍如何使用Ubuntu 16.04 / 16.10中的SSL / TLS保护FTP服务器VSFTPD代表“非常安全的FTP守护进程”
如果你想为基于CentOS的发行版安装一个安全的FTP服务器你可以阅读 [在CentOS上使用SSL / TLS保护FTP服务器][2]
在遵循本指南中的各个步骤之后我们将了解在FTP服务器中启用加密服务的基本原理以确保安全的数据传输至关重要。
####要求
1. 你必须 [在Ubuntu上安装和配置一个FTP服务器][1]
在我们进行下一步之前确保本文中的所有命令都将以root身份运行或者
Before we move further, make sure that all commands in this article will be run as root or [sudo特权账号][3].
### 第一步在Ubuntu上为FTP生成SSL/TLS证书
1.我们将首先在/etc/ssl/下创建一个子目录来存储SSL/TLS证书和密钥文件如果它不存在
```
$ sudo mkdir /etc/ssl/private
```
2. 现在我们在这个单一的文件中生成证书和密钥,通过运行下面的命令。
```
$ sudo openssl req -x509 -nodes -keyout /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem -days 365 -newkey rsa:2048
```
上面的命令将提示你回答以下问题,不要忘了输入合适于脚本的值。
```
Country Name (2 letter code) [XX]:IN
State or Province Name (full name) []:Lower Parel
Locality Name (eg, city) [Default City]:Mumbai
Organization Name (eg, company) [Default Company Ltd]:TecMint.com
Organizational Unit Name (eg, section) []:Linux and Open Source
Common Name (eg, your name or your server's hostname) []:tecmint
Email Address []:admin@tecmint.com
```
### 第二步在Ubuntu上配置VSFTPD来使用SSL/TLS
3.在我们进行VSFTPD配置之前对于[UFW防火墙已启用][4]的用户你们必须打开端口990和40000-50000来允许在VSFTD配置文件中分别设置TLS连接和被动端口的端口范围
```
$ sudo ufw allow 990/tcp
$ sudo ufw allow 40000:50000/tcp
$ sudo ufw status
```
4. 现在打开VSFTPD配置文件并定义SSL详细信息
```
$ sudo vi /etc/vsftpd/vsftpd.conf
OR
$ sudo nano /etc/vsftpd/vsftpd.conf
```
然后,添加或定位选项`ssl_enable`并将它的值设置为YES来激活SSL的使用同样因为TLS比SSL更安全我们将通过启用`ssl_tlsv1`选项限制VSFTPD使用TLS
```
ssl_enable=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
```
5. 接下来,使用``字符注释掉下面的行,如下所示:
```
#rsa_cert_file=/etc/ssl/private/ssl-cert-snakeoil.pem
#rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
```
然后添加以下行以定义SSL证书和密钥文件的位置
```
rsa_cert_file=/etc/ssl/private/vsftpd.pem
rsa_private_key_file=/etc/ssl/private/vsftpd.pem
```
6.现在我们也可以阻止匿名的用户使用SSL登陆并且迫使所有的非匿名登陆使用一个安全的SSL链接来传输数据而且在登陆的期间发送密码
```
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
```
7.此外我们可以使用以下选项在FTP服务器中添加更多的安全功能 。使用选项`require_ssl_reuse=YES`所用的SSL数据链接都需要展示SSL会话重用证明他们知道和控制信道相同的主秘密。所以我们应该禁用它。
```
require_ssl_reuse=NO
```
此外我们可以设置VSFTPD允许使用`ssl_ciphers`选项进行加密SSL连接的SSL密码。 这将有助于挫败攻击者的任何努力尝试强制得到一个特定的密码,来发现的漏洞:
```
ssl_ciphers=HIGH
```
8. 然后,我们定义被动端口的端口范围(最小和最大端口)。
```
pasv_min_port=40000
pasv_max_port=50000
```
9. 要启用SSL调试意味着openSSL连接诊断记录到VSFTPD日志文件我们可以使用`debug_ssl`选项:
```
debug_ssl=YES
```
最后保存文件并且关闭它。然后重启VSFTPD服务
```
$ systemctl restart vsftpd
```
### 第三步在Ubuntu上使用SSL / TLS连接验证FTP
10. 执行所有上述配置后,通过尝试[使用命令行中的FTP] [5]测试VSFTPD是否现在使用SSL / TLS连接如下所示。
从下面的输出来看这里有一个错误的信息告诉我们VSFTPD仅允许用户非匿名用户从支持加密服务的安全客户端登陆。
```
$ ftp 192.168.56.10
Connected to 192.168.56.10 (192.168.56.10).
220 Welcome to TecMint.com FTP service.
Name (192.168.56.10:root) : ravi
530 Non-anonymous sessions must use encryption.
Login failed.
421 Service not available, remote server has closed connection
ftp>
```
这个命令行不支持加密服务从而导致了上述错误。因此要安全连接到启用了加密服务的FTP服务器我们需要一个默认支持SSL/TLS连接的FTP客户端例如FileZilla。
### 第四步在客户端上安装FileZillaStep来安全地连接FTP
FileZilla是一个强大的广泛使用的跨平台FTP客户端支持在SSL/TLS上的FTP。为了在Linux客户端机器上安装FileZilla使用下面的命令。
```
--------- On Debian/Ubuntu ---------
$ sudo apt-get install filezilla
--------- On CentOS/RHEL/Fedora ---------
# yum install epel-release filezilla
--------- On Fedora 22+ ---------
$ sudo dnf install filezilla
```
12. 一旦安装完成打开它然后点击File=>Sites Manager或者按Ctrl+S来获取下面的Site Manager。
[
![Filezilla Site Manager](http://www.tecmint.com/wp-content/uploads/2017/02/Filezilla-Site-Manager.png)
][6]
Filezilla Site Manager
13. 现在,定义主机/站点名字添加IP地址定义使用的协议加密和登陆类型如下面的屏幕使用适用于你方案的值
点击New Site按钮来配置一个新的站点/主机连接。
```
Host: 192.168.56.10
Protocol: FTP File Transfer Protocol
Encryption: Require explicit FTP over #recommended
Logon Type: Ask for password #recommended
User: username
```
[
![在Filezilla上配置新的FTP站点](http://www.tecmint.com/wp-content/uploads/2017/02/Configure-New-FTP-Site-on-Filezilla.png)
][7]
在Filezilla上配置新的FTP站点
14. 然后从上面的界面单击连接以输入密码然后验证用于SSL / TLS连接的证书并再次单击确定以连接到FTP服务器
[
![验证FTP的SSL证书](http://www.tecmint.com/wp-content/uploads/2017/02/Verify-FTP-SSL-Certificate-1.png)
][8]
验证FTP的SSL证书
15.现在你应该通过TLS连接成功地登陆到FTP服务器检查连接状态部分来获取有关下面接口的更多信息。
[
![连接Ubuntu的FTP服务器](http://www.tecmint.com/wp-content/uploads/2017/02/Connected-Ubuntu-FTP-Server.png)
][9]
连接Ubuntu的FTP服务器
16. 最后,让我们[从本地的机器传送文件到FTP服务器][10]在文件夹中, 查看FileZilla接口的下端来查看有关文件传输的报告。
[
![使用Filezilla安全的传输FTP文件](http://www.tecmint.com/wp-content/uploads/2017/02/Transfer-Files-Securely-using-FTP.png)
][11]
使用Filezilla安全的传输FTP文件
就这样! 始终记住安装FTP服务器而不启用加密服务具有某些安全隐患。 正如我们在本教程中解释的您可以配置FTP服务器使用SSL / TLS连接来实现Ubuntu 16.04 / 16.10中的安全性。
如果你在FTP服务器上设置SSL/TLS遇到任何问题请使用以下注释表单来分享您对本教程/主题的问题或想法。
--------------------------------------------------------------------------------
作者简介:
Aaron Kili是Linux和F.O.S.S爱好者即将推出的Linux SysAdmin网络开发人员目前是TecMint的内容创作者他喜欢与电脑合作并坚信分享知识。
--------------------------------------------------------------------------------
via: http://www.tecmint.com/secure-ftp-server-using-ssl-tls-on-ubuntu/
作者:[Aaron Kili][a]
译者:[译者ID](https://github.com/DockerChen)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.tecmint.com/author/aaronkili/
[1]:http://www.tecmint.com/install-ftp-server-in-ubuntu/
[2]:http://www.tecmint.com/axel-commandline-download-accelerator-for-linux/
[3]:http://www.tecmint.com/sudoers-configurations-for-setting-sudo-in-linux/
[4]:http://www.tecmint.com/how-to-install-and-configure-ufw-firewall/
[5]:http://www.tecmint.com/sftp-command-examples/
[6]:http://www.tecmint.com/wp-content/uploads/2017/02/Filezilla-Site-Manager.png
[7]:http://www.tecmint.com/wp-content/uploads/2017/02/Configure-New-FTP-Site-on-Filezilla.png
[8]:http://www.tecmint.com/wp-content/uploads/2017/02/Verify-FTP-SSL-Certificate-1.png
[9]:http://www.tecmint.com/wp-content/uploads/2017/02/Connected-Ubuntu-FTP-Server.png
[10]:http://www.tecmint.com/sftp-command-examples/
[11]:http://www.tecmint.com/wp-content/uploads/2017/02/Transfer-Files-Securely-using-FTP.png
[12]:http://www.tecmint.com/author/aaronkili/
[13]:http://www.tecmint.com/10-useful-free-linux-ebooks-for-newbies-and-administrators/
[14]:http://www.tecmint.com/free-linux-shell-scripting-books/

92
translated/tech/20170306 How to Upgrade Kernel to Latest Version in Ubuntu.md Normal file
View File

@ -0,0 +1,92 @@
如何在 Ubuntu 中升级到最新内核
============================================================
每过段时间,就有新的设备和技术出来,因此如果我们想要充分利用它,保持最新的 Linux 内核就显得很重要。此外,更新系统内核将使我们能够利用新的内核优化,并且它还可以帮助我们避免在早期版本中发现的漏洞。
**建议阅读:** [如何升级 CentOS 7内核][1]
准备好了在 Ubuntu 16.04 或其衍生版本(如 Debian 和 Linux Mint中更新你的内核了么如果准备好了请你继续阅读
### 第一步:检查安装的内核版本
要发现当前系统安装的版本,我们可以:
```
$ uname -sr
```
下面的截图显示了在 Ubuntu 16.04 server 中上面命令的输出:
[
![Check Kernel Version in Ubuntu](http://www.tecmint.com/wp-content/uploads/2017/03/Check-Kernel-Version-in-Ubuntu.png)
][2]
*在 Ubuntu 中检查内核版本*
### 第二步:在 Ubuntu 16.04 中升级内核
要升级 Ubuntu 16.04 的内核,打开 [http://kernel.ubuntu.com/~kernel-ppa/mainline/][3] 并选择列表中需要的版本(发布此文时最新内核是 4.10.1)。
接下来,根据你的系统架构下载 `.deb` 文件:
对于 64 位系统:
```
$ wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.10.1/linux-headers-4.10.1-041001_4.10.1-041001.201702260735_all.deb
$ wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.10.1/linux-headers-4.10.1-041001-generic_4.10.1-041001.201702260735_amd64.deb
$ wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.10.1/linux-image-4.10.1-041001-generic_4.10.1-041001.201702260735_amd64.deb
```
这是 32 位系统的:
```
$ wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.10.1/linux-headers-4.10.1-041001_4.10.1-041001.201702260735_all.deb
$ wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.10.1/linux-headers-4.10.1-041001-generic_4.10.1-041001.201702260735_i386.deb
$ wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.10.1/linux-image-4.10.1-041001-generic_4.10.1-041001.201702260735_i386.deb
```
下载完成这些所有内核文件后,如下安装:
```
$ sudo dpkg -i *.deb
```
安装完成后,重启并验证新的内核已经被使用了:
```
$ uname -sr
```
就是这样。你下载就可以使用比 Ubuntu 16.04 默认安装的内核的更新版本了。
### 总结
本文我们展示了如何在 Ubuntu 系统上轻松升级Linux内核。这里还有另一个流程但我们在这里没有展示因为它需要从源代码编译内核这不推荐在生产 Linux 系统上使用。
如果你仍然有兴趣编译内核作为一个学习经验,你可以在 [Kernel Newbies][4] 网站中得到指导该如何做。
一如既往,如果你对本文有任何问题或意见,请随时使用下面的评论栏。
--------------------------------------------------------------------------------
作者简介:
Gabriel Cánepa - 一位来自阿根廷圣路易斯梅塞德斯镇 (Villa Mercedes, San Luis, Argentina) 的 GNU/Linux 系统管理员Web 开发者。就职于一家世界领先级的消费品公司,乐于在每天的工作中能使用 FOSS 工具来提高生产力。
--------------------------------------------------------------------------------
via: http://www.tecmint.com/upgrade-kernel-in-ubuntu/
作者:[Gabriel Cánepa][a]
译者:[geekpi](https://github.com/geekpi)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.tecmint.com/author/gacanepa/
[1]:http://www.tecmint.com/install-upgrade-kernel-version-in-centos-7/
[2]:http://www.tecmint.com/wp-content/uploads/2017/03/Check-Kernel-Version-in-Ubuntu.png
[3]:http://kernel.ubuntu.com/~kernel-ppa/mainline/
[4]:https://kernelnewbies.org/KernelBuild
[5]:http://www.tecmint.com/author/gacanepa/
[6]:http://www.tecmint.com/10-useful-free-linux-ebooks-for-newbies-and-administrators/
[7]:http://www.tecmint.com/free-linux-shell-scripting-books/

63
translated/tech/20170307 How to make release notes count.md Normal file
View File

@ -0,0 +1,63 @@
如何写出绝佳的发行说明
============================================================
![如何写出绝佳的发行说明](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/rh_003784_02_os.comcareers_resume_rh1x.png?itok=CK6VJq5w "How to make release notes count")
>图像来源 opensource.com
恭喜你已经准备发布你的软件包的最新版本了。现在你需要保证你的发行说明整洁有序。当然你可以写上“bug 修复以及性能改进”然后就算完成,但这并不能给你的用户传达任何信息。
发行说明同时用于支持和营销。它可以告诉你的的用户为什么这个发布版本对他们很重要,并可以向潜在用户展示你的软件。所以,你会希望它的内容简洁、易懂,最重要的是:确切。写发行说明的方式不止一种,所以本文只是一般提议,并不是一个命令。
人们在发行说明中写上一大段饱含愚蠢的叙事内容。如果你想这么写,那请自便——不过要记住,笑话通常是上下文相关的,你觉得很滑稽的内容,可能在你的读者眼里会变得索然无味。而且,你不能忘了写那些重要信息。
### 入门
你能从本文里学到的最简单的经验,可能是这一条:你的发行说明要写给读它的人看。对于面向用户的软件,发行说明中要注重面向用户的行为,而不是软件的内部实现。举个例子:写“点击‘取消’按钮会把你的电脑点着”,而不要写“在 cancelThatThing 函数中thermalEventTrigger 的默认值被设为 True”。
尝试将每一条说明限制在一到两句话。发行说明的重点在于突出强调重要部分,而不是给出详尽的解释。如果你有一个公开的问题追踪页面,你可以在说明中包含问题链接(或者问题编号),这样关注此问题的读者可以通过链接来查看问题的详细内容。
你并不需要严格按照这种方法来写发行说明,但我比较喜欢下面的格式。开头写上版本号,以及发布日期。对于主要版本,你可能要再写几句话,来突出本次发布的主题。比如,“本次发布的重点在于添加了邮件客户端,因为这是所有软件的最终结束状态。”
### 兼容性更改
如果新版本中包含兼容性更改或默认行为,你最好将它们着重写出。你的用户、以及提供用户支持的人会感谢你的。在发行说明中描述出现更改的地方,如何实施更改,以及用户不执行更改会导致的后果。对于某些次要版本,你可能没有做出任何会导致不兼容的更改,那你可以省略此部分。
### 功能及改进
"
现在,你该炫耀你的软件包含的那些酷的、新奇的东西了,但是要记得站在用户的角度来写。比如,“该软件现在支持自动检测午餐照片,并将其发布到 Instagram 上。”
### 已解决的问题
没有软件是完美的,所以在这部分中你需要告诉读者们你的团队为了使这个项目更好一点而做的所有努力工作。因为那些不好的行为已经被解决了,所以应该用过去式来写这一部分。如果某个 bug 的定位很明确,那应该在这部分中写上相关信息。其它的一些项目可能也会包含这一节中所述的 bug.
### 已知问题
因为没有软件是完美的,所以永远会存在未解决的 bug. 在这一节中,你需要列出这些已知的问题。你不需要解决所有的问题;专注于影响功能的错误,如果这些是在上个版本发布后发现的,你可能需要优先解决。这一部分的文字用将来时完成。当你把这些问题解决,你只需要改变动词的时态,然后把它们移到上个部分即可。
--------------------------------------------------------------------------------
作者简介:
Ben Cotten - Ben Cotten 是一个受过专业训练的气象学家但他现在是一位高性能计算工程师。Ben 是一位循环计算领域的布道者。它是一个 Fedora 用户及贡献者,与他人一同创办了一个本地开源会议组,是开源计划的成员,还是软件自由保护的支持者。你可以在 Twitter 上找到他(@FunnelFiasco
--------------
译者简介:
[StdioA](https://www.stdioa.com/) —— Pythoner, Player.
--------------
via: https://opensource.com/article/17/3/how-to-improve-release-notes
作者:[Ben Cotton][a]
译者:[StdioA](https://github.com/StdioA)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://opensource.com/users/bcotton
[1]:https://opensource.com/article/17/3/how-to-improve-release-notes?rate=81ry_1MGfmsPXV6_y_4St2DQI4XyJAqIzs4yTNtUrpA
[2]:https://opensource.com/user/30131/feed
[3]:https://opensource.com/article/17/3/how-to-improve-release-notes#comments
[4]:https://opensource.com/users/bcotton

36
translated/tech/linux-distro -explain/20140513 What is Debian A brief introduction.md Normal file
View File

@ -0,0 +1,36 @@
###Debian 是什么?一个关于 Debian 的简介
大家好!!
今天给大家带来点有意思的东西。我们准备给大家仔细讲讲 Linux 世界里的东西。
想必你们对[Linux 是什么?一个关于 Linux 的简介][2]和[怎么在 Linux 下用 screenlets 工具来安装一些桌面小程序][1]这两篇文章也感趣。这篇文章就当是这一系列的文章的第一部分。来给大家讲讲 Debian 这个 Linux 发行版。作为 Linux 的第一个发行版Debian 是在1993年才初步发行的。Debian 这个名字是由 Debian 发行版的创作者给起的,这俩人是夫妻,男的叫 Ian Murdock 女的叫 Debra。
Debian 是个庞大的开源软件包的集合体。说 Debian 是开源软件包的集合,其实它也支持一些非自由软件包,不过相对来说 Debian 软件包集合里大部分是开源的。根据 Debian 的官方数据统计Debian 库里总共囊括了37500个自由软件包。这些软件都是由 Debian 官方免费提供的。目前全世界大概有一千多人在为打造一个更好的 Debian 发行版努力。
目前为止 Debian 最新的稳定发行版是 7.5 命名为 Wheezy 。给开发测试用的最新的测试发行版 8.0 也出来了,命令为 Jesse 。Debian 发行版默认使用 Gnome 做为桌面环境。当然也不是只有 Gnome KDE 、Xfce 和 LXDE 这些桌面环境都是可选的。因为 Debian 的安装工具是可视化的图形界面,所以安装 Debian 这事很易容完成。
Debian 是一个稳健而且安全性高的操作系统。Debian 支持决大部分的架构的硬件平台所以你们不用担心它能不能在你的PC上运行。另外你是不是要问驱动怎么办想知道从哪里可以找到能跟你的 Debian 想匹配的驱动。这些问题都不需要太担心Debian 社区已经把决大部分的现有新老设备的驱动准备好了。这样一来你也不用再等设备生产商给你制作相应的设备驱动了。还有更牛逼的一点就是,这些驱动都是开源的,都是可以免费获取的。
Debian 是由一个社区来维护的,就管它叫 Debian社区吧。因为有了这个社区你可以相信你在使用 Debian 过程种遇到的问题肯定是可以在社区里找到其它用户来给你提供解决办法的。Debian 软件库里有大把的软件供你选择而且都是免费的。Debian 是一个功能强大的操作系统。它具备稳定、高效、安全的特性,另外它的用户界面是一个友好的图形界面,所以它易用性也很强。
我们一般所说的稳定是指这个系统极少出现崩溃或者挂死现象还能兼顾高效率。Debian 正是这种系统的代表。Debian 的升级也相当容易实现。Debian 团队已经把软件库里的众多软件件源码包编译好,所以我们可以轻松的找到我们想要的软件,并且安装到咱们的系统里。
不管怎么说Debian 诞生到现在已经有20个年头了。能持续到现在说明了 Debian 团队一直在为给用户提供一最好的发行版而不懈努力着。Debian 可以通过购买DVD的方式进行安装也可以直接在网上下载ISO镜像来进行安装。所以我们推荐你试一下 Debian。它可以给你提供非常多的东西。
Debian 是我们“介绍 Linux 世界”系列里的第一个内容。我们会接下来会给你们介绍另外一个 Linux 发行版。保持关注哦后面还有更多内容在我们“Linux 世界”栏目。到时候再见咯。
--------------------------------------------------------------------------------
via: http://www.techphylum.com/2014/05/what-is-debian-brief-introduction.html
作者:[sumit rohankar ][a]
译者:[zschong](https://github.com/zschong)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://plus.google.com/112160169713374382262
[1]:http://www.techphylum.com/2014/05/desktop-gadgets-in-linux-ubuntu.html
[2]:http://www.techphylum.com/2014/05/what-is-linux-brief-description.html?m=1